Difference between revisions of "Open5gs: IMS Install Ubuntu 22.04"

From OnnoWiki
Jump to navigation Jump to search
 
(117 intermediate revisions by the same user not shown)
Line 2: Line 2:
  
  
Percobaan untuk ubuntu 22.04
+
 
 +
==Asumsi Konfigurasi==
 +
 
 +
* OS Ubuntu 22.04
 +
* Open5GS & IMS satu mesin
 +
* Satu Interface enp0s3
 +
* IP Statik enp0s3 192.168.0.5/24 gateway 192.168.0.222
 +
* IP Statik ogstun 10.45.0.1/16 & 2001:db8:cafe::1/48
 +
* Domain mnc070.mcc999.3gppnetwork.org
 +
* APN internet
 +
* MCC 999 MNC 70
 +
 
 +
==Install aplikasi pendukung ubuntu 22.04==
  
 
  apt update
 
  apt update
 
  apt upgrade -y
 
  apt upgrade -y
  apt install -y mysql-server tcpdump screen ntp ntpdate git dkms gcc flex bison \
+
  apt install -y mysql-server tcpdump screen ntp ntpdate git dkms gcc flex bison libmysqlclient-dev make libssl-dev libcurl4-openssl-dev libxml2-dev libpcre3-dev bash-completion g++ autoconf rtpproxy libmnl-dev libsctp-dev strongswan libradcli-dev libradcli4 python3-dev
libmysqlclient-dev make libssl-dev libcurl4-openssl-dev libxml2-dev \
 
libpcre3-dev bash-completion g++ autoconf rtpproxy libmnl-dev libsctp-dev strongswan \
 
libradcli-dev libradcli4 python3-dev
 
 
 
  
 
==Install MySQL mariadb==
 
==Install MySQL mariadb==
Line 26: Line 34:
 
Edit kamctlrc
 
Edit kamctlrc
  
  sudo vim /etc/kamailio/kamctlrc
+
  sudo vi /etc/kamailio/kamctlrc
  
 
  DBENGINE=MYSQL
 
  DBENGINE=MYSQL
Line 34: Line 42:
  
 
  sudo systemctl restart kamailio
 
  sudo systemctl restart kamailio
 +
sudo systemctl enable kamailio
 
  sudo systemctl status kamailio
 
  sudo systemctl status kamailio
  
Line 69: Line 78:
 
Cek IP address server anda, pastikan isi kamctlrc
 
Cek IP address server anda, pastikan isi kamctlrc
  
  SIP_DOMAIN=ims.mnc001.mcc001.3gppnetwork.org
+
  SIP_DOMAIN=ims.mnc070.mcc999.3gppnetwork.org
  SIP_DOMAIN=192.168.0.214     # jika tidak ada DNS server / BIND
+
  SIP_DOMAIN=192.168.0.5     # jika tidak ada DNS server / BIND
 
  DBENGINE=MYSQL
 
  DBENGINE=MYSQL
  
Line 87: Line 96:
  
 
Cek database,
 
Cek database,
 
check database manually;
 
  
 
  mysql
 
  mysql
Line 120: Line 127:
 
   
 
   
 
  # Additional options that are passed to the daemon.
 
  # Additional options that are passed to the daemon.
  EXTRA_OPTS="-l 172.24.15.30 -d DBUG:LOG_LOCAL0"
+
  # EXTRA_OPTS=""
  EXTRA_OPTS="-l 192.168.0.214 -d DBUG:LOG_LOCAL0"
+
# EXTRA_OPTS="-l 172.24.15.30 -d DBUG:LOG_LOCAL0"
 +
  EXTRA_OPTS="-l 192.168.0.5 -d DBUG:LOG_LOCAL0"
  
Dimana, -l <PUBLIC_IP> tergantung jaringan kita misalnya kita hanya beroperasi di LAN bisa menjadi 192.168.0.214
+
Dimana, -l <PUBLIC_IP> tergantung jaringan kita misalnya kita hanya beroperasi di LAN bisa menjadi 192.168.0.5
  
 
Restart,
 
Restart,
  
 
  systemctl restart rtpproxy
 
  systemctl restart rtpproxy
 +
systemctl enable rtpproxy
 +
systemctl status rtpproxy
  
==Edit configuration file to fit your requirements for the VoIP platform==
+
==Edit file konfigurasi untuk VoIP platform==
  
 
Edit file
 
Edit file
Line 135: Line 145:
 
  vi /etc/kamailio/kamailio.cfg
 
  vi /etc/kamailio/kamailio.cfg
  
Follow the instruction in the comments to enable usage of MySQL. Basically you have to add several lines at the top of config file, like:
+
Cek IP address server. Masukan parameter ini ke file konfigurasi kamailio.cfg. Contoh
  
 
  #!define WITH_MYSQL
 
  #!define WITH_MYSQL
Line 142: Line 152:
 
  #!define WITH_NAT
 
  #!define WITH_NAT
 
   
 
   
  (uncomment this line)
+
  (uncomment line ini)
 
  auto_aliases=no
 
  auto_aliases=no
 
   
 
   
  (uncomment this line and enter the DNS domain created above)
+
  (uncomment line dan masuk hostname)
  alias="ims.mnc001.mcc001.3gppnetwork.org"
+
  alias="ims.mnc070.mcc999.3gppnetwork.org"
 
   
 
   
  (uncomment this line, 10.4.128.21 is the internal IP and 172.24.15.30 is the Public/Floating IP)
+
  (uncomment line, IP internal 10.4.128.21 and IP public 172.24.15.30)
 
  listen=udp:10.4.128.21:5060 advertise 172.24.15.30:5060
 
  listen=udp:10.4.128.21:5060 advertise 172.24.15.30:5060
 
  listen=tcp:10.4.128.21:5060 advertise 172.24.15.30:5060
 
  listen=tcp:10.4.128.21:5060 advertise 172.24.15.30:5060
  
(Further down, we will need to modify the rtpproxy_sock value to match the CONTROL_SOCK option we set for RTPProxy in /etc/default/rtpproxy)
+
Contoh untuk IP server 192.168.0.5,
  
  modparam("rtpproxy", "rtpproxy_sock", "udp:127.0.0.1:7722")
+
  #!define WITH_MYSQL
 +
#!define WITH_AUTH
 +
#!define WITH_USRLOCDB
 +
#!define WITH_NAT
 +
 +
/* uncomment the next line to disable the auto discovery of local aliases
 +
  * based on reverse DNS on IPs (default on) */
 +
auto_aliases=no
 +
 +
/* add local domain aliases - it can be set many times */
 +
alias="ims.mnc070.mcc999.3gppnetwork.org"
 +
alias="192.168.0.5"
 +
 +
/* listen sockets - if none set, Kamailio binds to all local IP addresses
 +
  * - basic prototype (full prototype can be found in Wiki - Core Cookbook):
 +
  *      listen=[proto]:[localip]:[lport] advertise [publicip]:[pport]
 +
  * - it can be set many times to add more sockets to listen to */
 +
listen=udp:192.168.0.5:5060
 +
listen=udp:10.45.0.1:5060
  
If you changed the password for the ‘kamailio’ user of MySQL, you have to update the value for ‘DBURL’ parameters.
+
Kita perlu memodifikasi rtpproxy_sock agar cocok CONTROL_SOCK di RTPProxy /etc/default/rtpproxy
  
==The init.d script==
+
modparam("rtpproxy", "rtpproxy_sock", "udp:127.0.0.1:7722")
  
The init.d script can be used to start/stop the Kamailio server in a nicer way. A sample of init.d script for Kamailio is provided at:
+
Jika password user ‘kamailio’ untuk MySQL diubah, kita perlu update nilai ‘DBURL’ parameter.
  
/usr/local/src/kamailio/pkg/kamailio/deb/debian/kamailio.init
+
Cek,
Just copy the init file into the /etc/init.d/kamailio. Then change the permissions:
 
  
  cp /usr/local/src/kamailio/pkg/kamailio/deb/bionic/kamailio.init /etc/init.d/kamailio
+
  systemctl restart kamailio
  chmod 755 /etc/init.d/kamailio
+
  systemctl status kamailio
  
Then edit the /etc/init.d/kamailio file updating the $DAEMON and $CFGFILE values:
+
kamcmd rtpproxy.list
  
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin
+
==init.d Kamailio==
DAEMON=/usr/local/sbin/kamailio
 
CFGFILE=/usr/local/etc/kamailio/kamailio.cfg
 
  
You need to setup a configuration file in the /etc/default/ directory. This file can be found at:
+
Edit
  
  /usr/local/src/kamailio/pkg/kamailio/deb/bionic/kamailio.default
+
  vi /etc/default/kamailio
  
You need to rename the /etc/default/kamailio file to ‘kamailio’ after you’ve copied it. Then edit this file and set RUN_KAMAILIO=yes. Edit the other options as per your setup.
+
Pastikan,
  
  cp /usr/local/src/kamailio/pkg/kamailio/deb/bionic/kamailio.default /etc/default/kamailio
+
  RUN_KAMAILIO=yes
systemctl daemon-reload
 
  
 
Create the directory for pid file:
 
Create the directory for pid file:
Line 187: Line 211:
 
  mkdir -p /var/run/kamailio
 
  mkdir -p /var/run/kamailio
  
Default setting is to run Kamailio as user kamailio and group kamailio. For that you need to create the user and set ownership
+
Restart kamailio,
  
  adduser --quiet --system --group --disabled-password \
+
  systemctl daemon-reload
        --shell /bin/false --gecos "Kamailio" \
+
systemctl start kamailio.service
        --home /var/run/kamailio kamailio
+
systemctl restart kamailio.service
  chown kamailio:kamailio /var/run/kamailio
+
systemctl enable kamailio.service
 +
  systemctl status kamailio.service
  
Then you can start Kamailio using the following commands:
+
Cek kamailio yang running,
  
  systemctl start kamailio.service
+
  ps ax |grep kamailio
 +
 
 +
==Cek SIP server==
  
check running processes with: ps axw egrep kamailio
+
Buat subsciber account menggunakan
  
==A quick check for the basic working of SIP server can be done as follows:==
+
kamctl add <username> <password>
  
Create new subscriber accounts. A new account can be added using kamctl tool via kamctl add <username> <password> (When asked for entering MySQL password for user kamailio@localhost: type kamailiorw, as provided in kamailio.cfg)
+
Jika di tanya MySQL password, gunakan password kamailio@localhost: type kamailiorw seperti kamailio.cfg
  
 
  kamctl add test testpasswd
 
  kamctl add test testpasswd
 
  kamctl add test2 testpasswd
 
  kamctl add test2 testpasswd
  
Setting on OnePlus phones
+
Setting SIP Phone,  
 
 
Connect to a network through which SIP server is reachable (either Wi-Fi or LTE)
 
Goto phone dialer and select the Settings in the menu on top right corner
 
Then select Call settings
 
Configure SIP accounts in phones as added above using kamctl:
 
In Phone 1:
 
 
 
Username: test
 
Password: testpasswd
 
Server: ims.mnc001.mcc001.3gppnetwork.org (Created DNS Domain Name or IP to which IMS components are bound to, visible interface IP address)
 
Optional Settings:
 
    Authentication username: test
 
    Outbound proxy address: 172.24.15.30 (Floating IP of VM in case of OpenStack or else no need to fill in case of physical machine)
 
    Transport type: UDP
 
In Phone 2:
 
 
 
Username: test2
 
Password: testpasswd
 
Server: ims.mnc001.mcc001.3gppnetwork.org (Created DNS Domain Name or IP to which IMS components are bound to, visible interface IP address)
 
Optional Settings:
 
    Authentication username: test2
 
    Outbound proxy address: 172.24.15.30 (Floating IP of VM in case of OpenStack or else no need to fill in case of physical machine)
 
    Transport type: UDP
 
Set “Receive incoming calls” option to enabled state in both phones
 
Set “Use SIP calling” to “For all calls”
 
Add a new contact as follows:
 
In Phone 1:
 
 
 
Select more option
 
 
 
Name: SIP Contact test2 (Any arbitary name)
 
SIP: test2@ims.mnc001.mcc001.3gppnetwork.org (Created DNS Domain Name or IP to which IMS components are bound to, visible interface IP address)
 
Save and exit
 
 
 
In Phone 2:
 
 
 
Select more option
 
 
 
Name: SIP Contact test (Any arbitary name)
 
SIP: test@ims.mnc001.mcc001.3gppnetwork.org (Created DNS Domain Name or IP to which IMS components are bound to, visible interface IP address)
 
Save and exit
 
  
Now try calling from either phone
+
username
Upon completion of this test, set “Receive incoming calls” option to disabled state and set “Use SIP calling” to “Only for SIP calls”
+
password
 +
server
 +
outbound proxy server
 +
transport type: UDP
  
 
==Buat mysql database untuk pcscf, scscf and icscf==
 
==Buat mysql database untuk pcscf, scscf and icscf==
Line 259: Line 248:
 
  sudo su
 
  sudo su
 
  mkdir -p /usr/local/src/
 
  mkdir -p /usr/local/src/
 +
 
  cd /usr/local/src/
 
  cd /usr/local/src/
 
  git clone https://github.com/herlesupreeth/kamailio
 
  git clone https://github.com/herlesupreeth/kamailio
Line 268: Line 258:
 
  mysql
 
  mysql
  
 +
DROP DATABASE pcscf;
 +
DROP DATABASE scscf;
 +
DROP DATABASE icscf;
 +
 
  CREATE DATABASE pcscf;
 
  CREATE DATABASE pcscf;
 
  CREATE DATABASE scscf;
 
  CREATE DATABASE scscf;
 
  CREATE DATABASE icscf;
 
  CREATE DATABASE icscf;
 +
QUIT
  
  
In all of the below steps, when prompted for mysql root user password, leave it blank i.e. Press Enter
+
Lakukan perintah di bawah, jika di tanya mysql root user tekan ENTER.
  
  $ cd /usr/local/src/kamailio/utils/kamctl/mysql
+
  cd /usr/local/src/kamailio/utils/kamctl/mysql
  $ mysql -u root -p pcscf < standard-create.sql
+
 
  $ mysql -u root -p pcscf < presence-create.sql
+
  mysql -u root -p pcscf < standard-create.sql
  $ mysql -u root -p pcscf < ims_usrloc_pcscf-create.sql
+
  mysql -u root -p pcscf < presence-create.sql
  $ mysql -u root -p pcscf < ims_dialog-create.sql
+
  mysql -u root -p pcscf < ims_usrloc_pcscf-create.sql
 +
  mysql -u root -p pcscf < ims_dialog-create.sql
 
   
 
   
  $ mysql -u root -p scscf < standard-create.sql
+
  mysql -u root -p scscf < standard-create.sql
  $ mysql -u root -p scscf < presence-create.sql
+
  mysql -u root -p scscf < presence-create.sql
  $ mysql -u root -p scscf < ims_usrloc_scscf-create.sql
+
  mysql -u root -p scscf < ims_usrloc_scscf-create.sql
  $ mysql -u root -p scscf < ims_dialog-create.sql
+
  mysql -u root -p scscf < ims_dialog-create.sql
  $ mysql -u root -p scscf < ims_charging-create.sql
+
  mysql -u root -p scscf < ims_charging-create.sql
 
   
 
   
  $ cd /usr/local/src/kamailio/misc/examples/ims/icscf
+
  cd /usr/local/src/kamailio/misc/examples/ims/icscf
  $ mysql -u root -p icscf < icscf.sql
+
  mysql -u root -p icscf < icscf.sql
 +
 
 
Verify that following tables are present in respective databases by logging into mysql
 
Verify that following tables are present in respective databases by logging into mysql
   
+
 
 +
  mysql
 +
 
 +
USE pcscf;
 +
SHOW tables;
 +
 
 
   +-----------------+
 
   +-----------------+
 
   | Tables_in_pcscf |
 
   | Tables_in_pcscf |
Line 305: Line 307:
 
   | xcap            |
 
   | xcap            |
 
   +-----------------+
 
   +-----------------+
 +
 +
 +
USE scscf;
 +
SHOW tables;
 
   
 
   
 
   +-----------------+
 
   +-----------------+
Line 325: Line 331:
 
   | xcap            |
 
   | xcap            |
 
   +-----------------+
 
   +-----------------+
 +
 +
USE icscf;
 +
SHOW tables;
 
   
 
   
 
   +---------------------+
 
   +---------------------+
Line 334: Line 343:
 
   +---------------------+
 
   +---------------------+
  
  <mysql> grant delete,insert,select,update on pcscf.* to pcscf@localhost identified by 'heslo';
+
  grant delete,insert,select,update on pcscf.* to pcscf@localhost identified by 'heslo';
  <mysql> grant delete,insert,select,update on scscf.* to scscf@localhost identified by 'heslo';
+
  grant delete,insert,select,update on scscf.* to scscf@localhost identified by 'heslo';
  <mysql> grant delete,insert,select,update on icscf.* to icscf@localhost identified by 'heslo';
+
  grant delete,insert,select,update on icscf.* to icscf@localhost identified by 'heslo';
  <mysql> grant delete,insert,select,update on icscf.* to provisioning@localhost identified by 'provi';
+
  grant delete,insert,select,update on icscf.* to provisioning@localhost identified by 'provi';
  <mysql> GRANT ALL PRIVILEGES ON pcscf.* TO 'pcscf'@'%' identified by 'heslo';
+
  GRANT ALL PRIVILEGES ON pcscf.* TO 'pcscf'@'%' identified by 'heslo';
  <mysql> GRANT ALL PRIVILEGES ON scscf.* TO 'scscf'@'%' identified by 'heslo';
+
  GRANT ALL PRIVILEGES ON scscf.* TO 'scscf'@'%' identified by 'heslo';
  <mysql> GRANT ALL PRIVILEGES ON icscf.* TO 'icscf'@'%' identified by 'heslo';
+
  GRANT ALL PRIVILEGES ON icscf.* TO 'icscf'@'%' identified by 'heslo';
  <mysql> GRANT ALL PRIVILEGES ON icscf.* TO 'provisioning'@'%' identified by 'provi';
+
  GRANT ALL PRIVILEGES ON icscf.* TO 'provisioning'@'%' identified by 'provi';
  <mysql> FLUSH PRIVILEGES;
+
  FLUSH PRIVILEGES;
 +
QUIT
  
Then,
+
Selanjutnya (butuh setup DNS / BIND yang benar),
  
  $ mysql
+
  mysql
<mysql> use icscf;
 
<mysql> INSERT INTO `nds_trusted_domains` VALUES (1,'ims.mnc001.mcc001.3gppnetwork.org');
 
<mysql> INSERT INTO `s_cscf` VALUES (1,'First and only S-CSCF','sip:scscf.ims.mnc001.mcc001.3gppnetwork.org:6060');
 
<mysql> INSERT INTO `s_cscf_capabilities` VALUES (1,1,0),(2,1,1);
 
  
14. Copy pcscf, icscf and scscf configuration files to /etc folder and edit accordingly
+
USE icscf;
 +
INSERT INTO `nds_trusted_domains` VALUES (1,'ims.mnc070.mcc999.3gppnetwork.org');
 +
INSERT INTO `s_cscf` VALUES (1,'First and only S-CSCF','sip:scscf.ims.mnc070.mcc999.3gppnetwork.org:6060');
 +
INSERT INTO `s_cscf_capabilities` VALUES (1,1,0),(2,1,1);
 +
QUIT
  
cd ~ && git clone https://github.com/herlesupreeth/Kamailio_IMS_Config
 
cd Kamailio_IMS_Config
 
cp -r kamailio_icscf /etc
 
cp -r kamailio_pcscf /etc
 
cp -r kamailio_scscf /etc
 
  
==Setup the DNS for resolving IMS and EPC components names==
+
alternatif (jika DNS belum beres, gunakan IP address),
  
  apt install -y bind9
+
  mysql
 
 
Use the below example DNS Zone file to create a DNS Zone file into the bind folder and edit /etc/bind/named.conf.local and /etc/bind/named.conf.options accordingly:
 
 
 
cd /etc/bind
 
 
 
In the below example: Kamailio IMS & DNS server running at 10.4.128.21/172.24.15.30 (Floating IP) and PCRF also at 10.4.128.21/172.24.15.30 (Floating IP)
 
 
 
$ cat ims.mnc001.mcc001.3gppnetwork.org
 
 
   
 
   
  $ORIGIN ims.mnc001.mcc001.3gppnetwork.org.
+
  USE icscf;
  $TTL 1W
+
  INSERT INTO nds_trusted_domains VALUES (1,'192.168.0.5');
@                      1D IN SOA      localhost. root.localhost. (
+
  INSERT INTO s_cscf VALUES (1,'First and only S-CSCF','sip:192.168.0.5:6060');
                                        1               ; serial
+
  INSERT INTO s_cscf_capabilities VALUES (1,1,0),(2,1,1);
                                        3H              ; refresh
+
  QUIT
                                        15M            ; retry
 
                                        1W              ; expiry
 
                                        1D )            ; minimum
 
 
                        1D IN NS        ns
 
ns                      1D IN A        10.4.128.21
 
 
pcscf                  1D IN A        10.4.128.21
 
_sip._udp.pcscf        1D SRV 0 0 5060 pcscf
 
_sip._tcp.pcscf        1D SRV 0 0 5060 pcscf
 
   
 
icscf                  1D IN A        10.4.128.21
 
_sip._udp              1D SRV 0 0 4060 icscf
 
_sip._tcp              1D SRV 0 0 4060 icscf
 
 
scscf                  1D IN A        10.4.128.21
 
_sip._udp.scscf        1D SRV 0 0 6060 scscf
 
  _sip._tcp.scscf        1D SRV 0 0 6060 scscf
 
 
  hss                    1D IN A        10.4.128.21
 
  
Create another DNS zone for resolving pcrf domain as follows:
+
==Copy file konfigurasi pcscf, icscf & scscf ke folder /etc dan edit==
  
$ cat epc.mnc001.mcc001.3gppnetwork.org
+
Copy konfigurasi
 
 
$ORIGIN epc.mnc001.mcc001.3gppnetwork.org.
 
$TTL 1W
 
@                      1D IN SOA      localhost. root.localhost. (
 
                                        1              ; serial
 
                                        3H              ; refresh
 
                                        15M            ; retry
 
                                        1W              ; expiry
 
                                        1D )            ; minimum 
 
 
                        1D IN NS        epcns
 
epcns                  1D IN A        10.4.128.21
 
 
pcrf                    1D IN A        127.0.0.5
 
  
Edit /etc/bind/named.conf.local file as follows:
+
cd /usr/local/src/ && git clone https://github.com/herlesupreeth/Kamailio_IMS_Config
 +
cd Kamailio_IMS_Config
 +
cp -r kamailio_icscf /etc
 +
cp -r kamailio_pcscf /etc
 +
cp -r kamailio_scscf /etc
  
//
+
ICSCF Edit supaya Domain mnc070.mcc999.3gppnetwork.org & IP 10.45.0.1
// Do any local configuration here
 
//
 
 
// Consider adding the 1918 zones here, if they are not used in your
 
// organization
 
//include "/etc/bind/zones.rfc1918";
 
 
zone "ims.mnc001.mcc001.3gppnetwork.org" {
 
        type master;
 
        file "/etc/bind/ims.mnc001.mcc001.3gppnetwork.org";
 
};
 
 
zone "epc.mnc001.mcc001.3gppnetwork.org" {
 
        type master;
 
        file "/etc/bind/epc.mnc001.mcc001.3gppnetwork.org";
 
};
 
  
Edit /etc/bind/named.conf.options file as follows:
+
vi /etc/kamailio_icscf/icscf.cfg
 
options {
 
        directory "/var/cache/bind";
 
 
        // If there is a firewall between you and nameservers you want
 
        // to talk to, you may need to fix the firewall to allow multiple
 
        // ports to talk.  See http://www.kb.cert.org/vuls/id/800113
 
 
        // If your ISP provided one or more IP addresses for stable
 
        // nameservers, you probably want to use them as forwarders.
 
        // Uncomment the following block, and insert the addresses replacing
 
        // the all-0's placeholder.
 
 
        //forwarders {
 
        // Put here the IP address of other DNS server which could be used if name cannot be resolved with DNS server running in this machine (Optional)
 
        //10.4.128.2;
 
        //};
 
 
        //========================================================================
 
        // If BIND logs error messages about the root key being expired,
 
        // you will need to update your keys.  See https://www.isc.org/bind-keys
 
        //========================================================================
 
        dnssec-validation no;
 
        allow-query { any; };
 
 
        auth-nxdomain no;    # conform to RFC1035
 
        //listen-on-v6 { any; };
 
};
 
  
  $ systemctl restart bind9
+
  # SIP / UDP
 +
listen=udp:10.45.0.1:4060
 +
# listen=udp:10.4.128.21:4060
 +
#listen=udp:10.4.128.21:4060 advertise 172.24.15.30:4060
 +
# SIP / TCP
 +
listen=tcp:10.45.0.1:4060
 +
# listen=tcp:10.4.128.21:4060
 +
#listen=tcp:10.4.128.21:4060 advertise 172.24.15.30:4060
 +
# SIP / TCP/TLS
 +
#listen=tls:11.22.33.44:4061
 +
alias=ims.mnc070.mcc999.3gppnetwork.org
 +
#!define NETWORKNAME "ims.mnc070.mcc999.3gppnetwork.org"
 +
#!define HOSTNAME "icscf.ims.mnc099.mcc999.3gppnetwork.org"
 +
#!subst "/NETWORKNAME/ims.mnc070.mcc999.3gppnetwork.org/"
 +
#!subst "/HSS_REALM/ims.mnc070.mcc999.3gppnetwork.org/"
 +
#!define ENUM_SUFFIX "ims.mnc070.mcc999.3gppnetwork.org."
 +
# SIP-Address of capturing node, if not set, capturing is disabled.
 +
##!define CAPTURE_NODE "sip:127.0.0.1:9060"
 +
# Connection URL for the database:
 +
#!define DB_URL "mysql://icscf:heslo@localhost/icscf"
 +
##!define DB_URL2 "con2=>mysql://icscf:heslo@127.0.0.1/icscf"
  
Then, test DNS resolution by adding following entries on top of all other entries in /etc/resolv.conf (make sure it persist across reboots)
+
vi /etc/kamailio_icscf/icscf.xml
  
  search ims.mnc001.mcc001.3gppnetwork.org
+
  <?xml version="1.0" encoding="UTF-8"?>
  nameserver 10.4.128.21
+
<DiameterPeer
 +
        FQDN="icscf.ims.mnc070.mcc999.3gppnetwork.org"
 +
        Realm="ims.mnc070.mcc999.3gppnetwork.org"
 +
        Vendor_Id="10415"
 +
        Product_Name="CDiameterPeer"
 +
        AcceptUnknownPeers="1"
 +
        DropUnknownOnDisconnect="1"
 +
        Tc="30"
 +
        Workers="16"
 +
        QueueLength="32"
 +
        TransactionTimeout="5"
 +
        SessionsHashSize="128"
 +
        DefaultAuthSessionTimeout="3600"
 +
        MaxAuthSessionTimeout="3600"
 +
  >
 +
        <Peer FQDN="hss.ims.mnc070.mcc999.3gppnetwork.org" Realm="ims.mnc070.mcc999.3gppnetwork.org" port="3868"/>
 +
        <Acceptor port="3869" bind="10.45.0.1"/>
 +
        <Auth id="16777216" vendor="10415"/><!-- 3GPP Cx -->
 +
        <Auth id="16777216" vendor="4491"/><!-- CableLabs Cx -->
 +
        <Auth id="16777216" vendor="13019"/><!-- ETSI/TISPAN Cx -->
 +
        <Auth id="16777216" vendor="0"/><!-- ETSI/TISPAN Cx -->
 +
        <!--
 +
                Supported Vendor IDs - list of values which will be sent in the CER/CEA in the
 +
                Supported-Vendor-ID AVPs
 +
        -->
 +
        <SupportedVendor vendor="10415" />
 +
        <DefaultRoute FQDN="hss.ims.mnc070.mcc999.3gppnetwork.org" metric="10"/>
 +
</DiameterPeer>
  
Finally, ping to ensure
 
  
$ ping pcscf
+
PCSCF Edit supaya Domain mnc070.mcc999.3gppnetwork.org & IP 10.45.0.1
PING pcscf.ims.mnc001.mcc001.3gppnetwork.org (10.4.128.21) 56(84) bytes of data.
 
64 bytes from localhost (10.4.128.21): icmp_seq=1 ttl=64 time=0.017 ms
 
64 bytes from localhost (10.4.128.21): icmp_seq=2 ttl=64 time=0.041 ms
 
  
To make changes in /etc/resolv.conf be persistent across reboot edit the /etc/netplan/50-cloud-init.yaml file as follows:
+
vi /etc/kamailio_pcscf/pcscf.cfg
  
  # This file is generated from information provided by
+
  # IP-Adress for incoming SIP-Traffic, in the following format:
  # the datasourceChanges to it will not persist across an instance.
+
  # SIP / UDP
  # To disable cloud-init's network configuration capabilities, write a file
+
listen=udp:10.45.0.1:5060
  # /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
+
  # listen=udp:10.4.128.21:5060
  # network: {config: disabled}
+
  # Uncomment the below line only when UE is behind double NAT (e.g. VoIP calling over WiFi/ CN behind a NAT)
  network:
+
  #listen=udp:10.4.128.21:5060 advertise 172.24.15.30:5060
    version: 2
+
  # SIP / TCP
    ethernets:
+
listen=tcp:10.45.0.1:5060
        ens3:
+
  # listen=tcp:10.4.128.21:5060
            dhcp4: true
+
# Uncomment the below line only when UE is behind double NAT (e.g. VoIP calling over WiFi/ CN behind a NAT)
            match:
+
#listen=tcp:10.4.128.21:5060 advertise 172.24.15.30:5060
                macaddress: fa:16:3e:99:f5:67
+
# SIP / TCP/TLS
            set-name: ens3
+
#listen=tls:11.22.33.44:5061
            nameservers:
+
# IPSEC / UDP
                search: [ims.mnc001.mcc001.3gppnetwork.org,epc.mnc001.mcc001.3gppnetwork.org]
+
#!define IPSEC_LISTEN_ADDR "10.45.0.1"
                addresses:
+
##!define IPSEC_LISTEN_ADDR "10.4.128.21"
                      - 10.4.128.21
+
#!define IPSEC_CLIENT_PORT 5100
    version: 2
+
#!define IPSEC_SERVER_PORT 6100
  $ netplan apply
+
#!define IPSEC_MAX_CONN 10
  $ ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf
+
# IP used in Rx_AAR_Register - IP of this P-CSCF, to be used in the flow for the AF-signaling
  $ systemctl restart systemd-resolved.service
+
#!define RX_AF_SIGNALING_IP "10.45.0.1"
 +
##!define RX_AF_SIGNALING_IP "10.4.128.21"
 +
# Uncomment the below line only when UE is behind double NAT (e.g. VoIP calling over WiFi/ CN behind a NAT)
 +
##!define RX_AF_SIGNALING_IP "172.24.15.30"
 +
alias=pcscf.ims.mnc070.mcc999.3gppnetwork.org
 +
#!define MY_WS_PORT 80
 +
#!define MY_WSS_PORT 443
 +
#!define PCSCF_URL "sip:pcscf.ims.mnc070.mcc999.3gppnetwork.org:5060"
 +
#!define TCP_PROCESSES 8
 +
#!subst "/NETWORKNAME/ims.mnc070.mcc999.3gppnetwork.org/"
 +
#!subst "/HOSTNAME/pcscf.ims.mnc070.mcc999.3gppnetwork.org/"
 +
#!subst "/PCRF_REALM/epc.mnc070.mcc999.3gppnetwork.org/"
 +
# SIP-Address of capturing node, if not set, capturing is disabled.
 +
##!define CAPTURE_NODE "sip:127.0.0.1:9060"
 +
# Allowed IPs for XML-RPC-Queries
 +
##!define XMLRPC_WHITELIST_1 "127.0.0.1"
 +
##!define XMLRPC_WHITELIST_2 "127.0.0.1"
 +
##!define XMLRPC_WHITELIST_3 "127.0.0.1"
 +
  # Databases:
 +
  #!define DB_URL "mysql://pcscf:heslo@127.0.0.1/pcscf"
 +
##!define DB_URL2 "con2=>mysql://pcscf:heslo@127.0.0.1/pcscf"
 +
#!define SQLOPS_DBURL "pcscf=>mysql://pcscf:heslo@127.0.0.1/pcscf"
 +
  #! Optional: Server-URL for Websocket-Requests
 +
##!define WEBSOCKET_WEBSERVER "phone.ng-voice.com"
 +
##!define TRF_FUNCTION "trf.ims.mnc070.mcc999.3gppnetwork.org"
  
==Install RTPEngine==
 
  
Check for dependencies, install dependencies and build .deb packages
+
vi /etc/kamailio_pcscf/pcscf.xml
  
  export DEB_BUILD_PROFILES="pkg.ngcp-rtpengine.nobcg729"
+
  <?xml version="1.0" encoding="UTF-8"?>
  apt install dpkg-dev
+
<DiameterPeer
git clone https://github.com/sipwise/rtpengine
+
        FQDN="pcscf.ims.mnc070.mcc999.3gppnetwork.org"
cd rtpengine && git checkout mr7.4.1
+
        Realm="ims.mnc070.mcc999.3gppnetwork.org"
  dpkg-checkbuilddeps
+
        Vendor_Id="10415"
 +
        Product_Name="CDiameterPeer"
 +
        AcceptUnknownPeers="1"
 +
        DropUnknownOnDisconnect="1"
 +
        Tc="30"
 +
        Workers="4"
 +
        QueueLength="8"
 +
        TransactionTimeout="5"
 +
        SessionsHashSize="128"
 +
        DefaultAuthSessionTimeout="3600"
 +
        MaxAuthSessionTimeout="3600"
 +
  >
 +
        <Peer FQDN="pcrf.epc.mnc070.mcc999.3gppnetwork.org" Realm="epc.mnc070.mcc999.3gppnetwork.org" port="3868"/>
 +
        <Acceptor port="3871" bind="10.45.0.1"/>
 +
        <Auth id="16777236" vendor="10415"/> <!-- 3GPP Rx -->
 +
        <Auth id="16777236" vendor="0"/> <!-- 3GPP Rx -->
 +
        <DefaultRoute FQDN="pcrf.epc.mnc070.mcc999.3gppnetwork.org" metric="10"/>
 +
  </DiameterPeer>
  
The above command checks for dependencies and give you a list of dependencies which are missing in the system. The below list is the result of this command
+
SCSCF Edit supaya Domain mnc070.mcc999.3gppnetwork.org & IP 10.45.0.1
  
  apt install debhelper default-libmysqlclient-dev gperf iptables-dev libavcodec-dev libavfilter-dev libavformat-dev libavutil-dev libbencode-perl libcrypt-openssl-rsa-perl libcrypt-rijndael-perl libdigest-crc-perl libdigest-hmac-perl libevent-dev libhiredis-dev libio-multiplex-perl libio-socket-inet6-perl libiptc-dev libjson-glib-dev libnet-interface-perl libpcap0.8-dev libsocket6-perl libspandsp-dev libswresample-dev libsystemd-dev libxmlrpc-core-c3-dev markdown dkms module-assistant keyutils libnfsidmap2 libtirpc1 nfs-common rpcbind
+
  vi /etc/kamailio_scscf/scscf.cfg
  
After installing dependencies run the below command again and verify that no dependencies are left out
+
# SIP / UDP
 +
listen=udp:10.45.0.1:6060
 +
#listen=udp:10.4.128.21:6060
 +
#listen=udp:10.4.128.21:6060 advertise 172.24.15.30:6060
 +
# SIP / TCP
 +
listen=tcp:10.45.0.1:6060
 +
#listen=tcp:10.4.128.21:6060
 +
#listen=tcp:10.4.128.21:6060 advertise 172.24.15.30:6060
 +
# SIP / TCP/TLS
 +
#listen=tls:11.22.33.44:6061
 +
#!define NETWORKNAME "ims.mnc070.mcc999.3gppnetwork.org"
 +
#!define NETWORKNAME_ESC "ims\.mnc070\.mcc999\.3gppnetwork\.org"
 +
#!define HOSTNAME "scscf.ims.mnc070.mcc999.3gppnetwork.org"
 +
#!define HOSTNAME_ESC "scscf\.ims\.mnc070\.mcc999\.3gppnetwork\.org"
 +
#!define URI "sip:scscf.ims.mnc070.mcc999.3gppnetwork.org:6060"
 +
#!subst "/NETWORKNAME/ims.mnc070.mcc999.3gppnetwork.org/"
 +
#!subst "/HSS_REALM/ims.mnc070.mcc999.3gppnetwork.org/"
 +
alias=scscf.ims.mnc070.mcc999.3gppnetwork.org
 +
# ENUM-Server to query:
 +
#!define ENUM_SUFFIX "ims.mnc070.mcc999.3gppnetwork.org."
 +
# SIP-Address of capturing node, if not set, capturing is disabled.
 +
##!define CAPTURE_NODE "sip:127.0.0.1:9060"
 +
# Connection URL for the database:
 +
# For use with a single database:
 +
#!define DB_URL "mysql://scscf:heslo@127.0.0.1/scscf"
 +
# For use with DB_Cluster: con1 (primary), con2 (backup)
 +
##!define DB_URL "con1=>mysql://scscf:heslo@127.0.0.1/scscf"
 +
##!define DB_URL2 "con2=>mysql://scscf:heslo@127.0.0.1/scscf"
  
dpkg-checkbuilddeps
 
  
This should just return back to shell with no output if all depedencies are met
+
vi /etc/kamailio_scscf/scscf.xml
  
  dpkg-buildpackage -uc -us
+
  <?xml version="1.0" encoding="UTF-8"?>
  cd ..
+
  <DiameterPeer
dpkg -i *.deb
+
        FQDN="scscf.ims.mnc070.mcc999.3gppnetwork.org"
cp /etc/rtpengine/rtpengine.sample.conf /etc/rtpengine/rtpengine.conf
+
        Realm="ims.mnc070.mcc999.3gppnetwork.org"
 
+
        Vendor_Id="10415"
Edit this file as follows under [rtpengine]:
+
        Product_Name="CDiameterPeer"
 
+
        AcceptUnknownPeers="1"
interface = 10.4.128.21
+
        DropUnknownOnDisconnect="1"
 
+
        Tc="30"
Port on which rtpengine binds i.e. listen_ng parameter is udp port 2223. This should be updated in kamailio_pcscf.cfg file at modparam(rtpengine …)
+
        Workers="16"
 
+
        QueueLength="32"
# ----- rtpproxy params -----
+
        TransactionTimeout="5"
modparam("rtpengine", "rtpengine_sock", "1 == udp:localhost:2223")
+
        SessionsHashSize="128"
 
+
        DefaultAuthSessionTimeout="3600"
Edit /etc/default/ngcp-rtpengine-daemon and /etc/default/ngcp-rtpengine-recording-daemon as follows in respective files:
+
        MaxAuthSessionTimeout="3600"
 
+
>
RUN_RTPENGINE=yes
+
        <Peer FQDN="hss.ims.mnc070.mcc999.3gppnetwork.org" Realm="ims.mnc070.mcc999.3gppnetwork.org" port="3868"/>
RUN_RTPENGINE_RECORDING=yes
+
        <Acceptor port="3870" bind="10.45.0.1"/>
 
+
        <Auth id="16777216" vendor="10415"/><!-- 3GPP Cx -->
$ cp /etc/rtpengine/rtpengine-recording.sample.conf /etc/rtpengine/rtpengine-recording.conf
+
        <Auth id="16777216" vendor="4491"/><!-- CableLabs Cx -->
$ mkdir /var/spool/rtpengine
+
        <Auth id="16777216" vendor="13019"/><!-- ETSI/TISPAN Cx -->
$ systemctl restart ngcp-rtpengine-daemon.service ngcp-rtpengine-recording-daemon.service ngcp-rtpengine-recording-nfs-mount.service
+
        <Auth id="16777216" vendor="0"/><!-- ETSI/TISPAN Cx -->
$ systemctl enable ngcp-rtpengine-daemon.service ngcp-rtpengine-recording-daemon.service ngcp-rtpengine-recording-nfs-mount.service
+
        <Auth id="4" vendor="10415"/> <!--3GPP Ro -->
 
+
        <Acct id="4" vendor="10415" />
$ systemctl stop rtpproxy
+
        <!--
$ systemctl disable rtpproxy
+
                Supported Vendor IDs - list of values which will be sent in the CER/CEA in the
$ systemctl mask rtpproxy
+
                Supported-Vendor-ID AVPs
 
+
        -->
Second instance of RTPENGINE can be run as follows (Optional)
+
        <SupportedVendor vendor="10415" />
 
+
        <DefaultRoute FQDN="hss.ims.mnc070.mcc999.3gppnetwork.org" metric="10"/>
$ iptables -I rtpengine -p udp -j RTPENGINE --id 1
+
</DiameterPeer>
$ ip6tables -I INPUT -p udp -j RTPENGINE --id 1
 
$ echo 'del 1' > /proc/rtpengine/control
 
$ /usr/sbin/rtpengine --table=1 --interface=10.4.128.21 --listen-ng=127.0.0.1:2224 --tos=184 --pidfile=ngcp-rtpengine-daemon2.pid --no-fallback --foreground
 
  
 
==Running I-CSCF, P-CSCF and S-CSCF as separate process==
 
==Running I-CSCF, P-CSCF and S-CSCF as separate process==
Line 563: Line 592:
 
First, stop the default kamailio SIP server
 
First, stop the default kamailio SIP server
  
  $ systemctl stop kamailio
+
  systemctl stop kamailio
  $ systemctl disable kamailio
+
  systemctl disable kamailio
  $ systemctl mask kamailio
+
  systemctl mask kamailio
  
 
Run all the process as root and NOT sudo
 
Run all the process as root and NOT sudo
  
  $ mkdir -p /var/run/kamailio_pcscf
+
  mkdir -p /var/run/kamailio_pcscf
  $ kamailio -f /etc/kamailio_pcscf/kamailio_pcscf.cfg -P /kamailio_pcscf.pid -DD -E -e
+
  kamailio -f /etc/kamailio_pcscf/kamailio_pcscf.cfg -P /kamailio_pcscf.pid -DD -E -e
  $ mkdir -p /var/run/kamailio_scscf
+
  mkdir -p /var/run/kamailio_scscf
  $ kamailio -f /etc/kamailio_scscf/kamailio_scscf.cfg -P /kamailio_scscf.pid -DD -E -e
+
  kamailio -f /etc/kamailio_scscf/kamailio_scscf.cfg -P /kamailio_scscf.pid -DD -E -e
  $ mkdir -p /var/run/kamailio_icscf
+
  mkdir -p /var/run/kamailio_icscf
  $ kamailio -f /etc/kamailio_icscf/kamailio_icscf.cfg -P /kamailio_icscf.pid -DD -E -e
+
  kamailio -f /etc/kamailio_icscf/kamailio_icscf.cfg -P /kamailio_icscf.pid -DD -E -e
  
==Install Open5GS in the same machine as Kamailio IMS - Install Open5GS from source==
+
==Install Open5GS di mesin yang sama dengan Kamailio IMS==
  
 
Please refer to instructions at https://open5gs.org/open5gs/docs/guide/02-building-open5gs-from-sources/
 
Please refer to instructions at https://open5gs.org/open5gs/docs/guide/02-building-open5gs-from-sources/
  
If you are using OpenStack, installing Open5GS and Kamailio IMS on the same machine is very important because the Framed-IP-Address in the AAR request via Rx interface takes received IP address and port in ims_qos module, hence, if the Open5GS is on a separate VM/machine, the IP and port received in received_ip and received_port values seen by Kamailio IMS will be the NATed IP of the Open5GS machine resulting in failing of AAR request.
+
Instal Open5GS dan Kamailio IMS pada mesin yang sama menjadi penting karena Framed-IP-Address di AAR request via Rx interface akan mengambil received IP address dan port di ims_qos module, oleh karenanya, jika Open5GS berbeda VM/mesin, akan di NAT sehingga kemungkian AAR request akan gagal.
  
Modify below mentioned parts of configuration files in addition to Configure Open5GS section. For reference, look at the configuration files at https://github.com/herlesupreeth/Open5gs_Config. These configuration only holds for open5gs tag v1.3.0, please tweak configuration files based on the open5gs tag you use.
+
Silahkan ikuti petunjuk konfigurasi Open5GS. Pada dasarnya yang dilakukan adalah,
  
Change realm of components to epc.mnc001.mcc001.3gppnetwork.org
+
* Ubah realm ke epc.mnc070.mcc999.3gppnetwork.org
Define IP pools for APNs used i.e one for default APN and another for IMS apn
+
* Define IP pool APN yang digunakan satu untuk APN default (internet) dan satu untuk IMS APN
Define P-CSCF address in the pgw configuration
+
* Define P-CSCF address dalam konfigurasi pgw
Define a ConnectPeer for pcscf.ims.mnc001.mcc001.3gppnetwork.org with its IP and port in PCRF freediameter configuration
+
* Define ConnectPeer untuk pcscf.ims.mnc070.mcc777.3gppnetwork.org dengan IP port seperti PCRF freediameter configuration
Setup IP tables for the UE pools defined and create appropriate tun interfaces
+
* Setup IP tables untuk UE pool untuk tun interface
Below startup script can be used for setting up interfaces:
 
 
 
#!/bin/bash
 
 
sudo sysctl -w net.ipv4.ip_forward=1
 
sudo sysctl -w net.ipv6.conf.all.forwarding=1
 
 
ip tuntap add name ogstun mode tun
 
ip addr add 192.168.100.1/24 dev ogstun
 
ip addr add fd84:6aea:c36e:2b69::/48 dev ogstun
 
ip link set ogstun mtu 1400
 
ip link set ogstun up
 
iptables -t nat -A POSTROUTING -s 192.168.100.0/24 ! -o ogstun -j MASQUERADE
 
ip6tables -t nat -A POSTROUTING -s fd84:6aea:c36e:2b69::/48 ! -o ogstun -j MASQUERADE
 
iptables -I INPUT -i ogstun -j ACCEPT
 
ip6tables -I INPUT -i ogstun -j ACCEPT
 
 
ip tuntap add name ogstun2 mode tun
 
ip addr add 192.168.101.1/24 dev ogstun2
 
ip addr add fd1f:76f3:da9b:0101::/48 dev ogstun2
 
ip link set ogstun2 mtu 1400
 
ip link set ogstun2 up
 
iptables -t nat -A POSTROUTING -s 192.168.101.0/24 ! -o ogstun2 -j MASQUERADE
 
ip6tables -t nat -A POSTROUTING -s fd1f:76f3:da9b:0101::/48 ! -o ogstun2 -j MASQUERADE
 
iptables -I INPUT -i ogstun2 -j ACCEPT
 
ip6tables -I INPUT -i ogstun2 -j ACCEPT
 
  
 
==ufw disable==
 
==ufw disable==
  
Add users with following APN settings in Open5GS:
+
Add user dengan setting APN berikut di Open5GS:
  
APN Configuration:
+
Konfigurasi APN:
 
  ---------------------------------------------------------------------------------------------------------------------
 
  ---------------------------------------------------------------------------------------------------------------------
 
  | APN      | Type | QCI | ARP | Capability | Vulnerablility | MBR DL/UL(Kbps)    | GBR DL/UL(Kbps) | PGW IP        |
 
  | APN      | Type | QCI | ARP | Capability | Vulnerablility | MBR DL/UL(Kbps)    | GBR DL/UL(Kbps) | PGW IP        |
Line 634: Line 637:
 
  |
 
  |
 
  ---------------------------------------------------------------------------------------------------------------------
 
  ---------------------------------------------------------------------------------------------------------------------
Finally, make sure of the following in Open5GS
+
Akhirnya, pastikan hal ini di Open5GS
 +
 
 +
* PCO option mengindikasikan address dari Proxy-CSCF
 +
* Perlu di indikasikan support untuk Voice-over-Packet-Switched (VoPS) di NAS message ke UE dari EPC
 +
 
 +
==Setup FoHSS agar bisa berbicara dengan I-CSCF dan S-CSCF==
 +
 
 +
Untuk kebutuhan FoHSS: Install Java JDK and ant
 +
 
 +
===Jika menggunakan Oracle Java===
 +
 
 +
* Buat account via
 +
**  https://login.oracle.com/mysso/signon.jsp
 +
** https://profile.oracle.com/myprofile/account/create-account.jspx
 +
 
 +
* Download Oracle Java 7 JDK dari link berikut,
 +
** https://www.oracle.com/technetwork/java/javase/downloads/java-archive-downloads-javase7-521261.html
 +
 
 +
Install menggunakan perintah,
 +
 
 +
mkdir -p  /usr/lib/jvm/
 +
tar -zxf java.tar.gz -C /usr/lib/jvm/
 +
update-alternatives --install /usr/bin/java java /usr/lib/jvm/jdk1.7.0_79/bin/java 100
 +
update-alternatives --install /usr/bin/javac javac /usr/lib/jvm/jdk1.7.0_79/bin/javac 100
 +
 
 +
===Jika menggunakan OpenJDK===
  
PCO options which indicate the address of the Proxy-CSCF
+
Install,
Need to indicate support for Voice-over-Packet-Switched (VoPS) in NAS message to UE from EPC
 
19. Setup FoHSS in order to talk with I-CSCF and S-CSCF
 
Requirements for FoHSS: Install Java JDK and ant
 
  
Download Oracle Java 7 JDK from following link using a browser:
+
apt update
 +
apt -y install openjdk-17-jdk openjdk-8-jdk default-jdk openjdk-19-jdk
  
https://www.oracle.com/technetwork/java/javase/downloads/java-archive-downloads-javase7-521261.html
+
Verifikasi java berhasil di konfigurasi dengan baik, jalankan
  
  $ mkdir -p  /usr/lib/jvm/
+
  update-alternatives --display java
$ tar -zxf jdk-7u79-linux-x64.tar.gz -C /usr/lib/jvm/
 
$ update-alternatives --install /usr/bin/java java /usr/lib/jvm/jdk1.7.0_79/bin/java 100
 
$ update-alternatives --install /usr/bin/javac javac /usr/lib/jvm/jdk1.7.0_79/bin/javac 100
 
  
Verify that java has been successfully configured by running:
+
akan keluar kira2,
  
$ update-alternatives --display java
+
  java - manual mode
  java - auto mode
+
   link best version is /usr/lib/jvm/java-19-openjdk-amd64/bin/java
   link best version is /usr/lib/jvm/jdk1.7.0_79/bin/java
+
   link currently points to /usr/lib/jvm/java-11-openjdk-amd64/bin/java
   link currently points to /usr/lib/jvm/jdk1.7.0_79/bin/java
 
 
   link java is /usr/bin/java
 
   link java is /usr/bin/java
  /usr/lib/jvm/jdk1.7.0_79/bin/java - priority 100
+
  slave java.1.gz is /usr/share/man/man1/java.1.gz
 +
/usr/lib/jvm/java-11-openjdk-amd64/bin/java - priority 1111
 +
  slave java.1.gz: /usr/lib/jvm/java-11-openjdk-amd64/man/man1/java.1.gz
 +
/usr/lib/jvm/java-17-openjdk-amd64/bin/java - priority 1711
 +
  slave java.1.gz: /usr/lib/jvm/java-17-openjdk-amd64/man/man1/java.1.gz
 +
  /usr/lib/jvm/java-19-openjdk-amd64/bin/java - priority 1911
 +
  slave java.1.gz: /usr/lib/jvm/java-19-openjdk-amd64/man/man1/java.1.gz
 +
/usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java - priority 1081
 +
  slave java.1.gz: /usr/lib/jvm/java-8-openjdk-amd64/jre/man/man1/java.1.gz
 +
 
 +
run,
 +
 
 +
update-alternatives --display javac
 +
 
 +
akan keluar kira2,
  
$ update-alternatives --display javac
+
  javac - manual mode
  javac - auto mode
+
   link best version is /usr/lib/jvm/java-19-openjdk-amd64/bin/javac
   link best version is /usr/lib/jvm/jdk1.7.0_79/bin/javac
+
   link currently points to /usr/lib/jvm/java-11-openjdk-amd64/bin/javac
   link currently points to /usr/lib/jvm/jdk1.7.0_79/bin/javac
 
 
   link javac is /usr/bin/javac
 
   link javac is /usr/bin/javac
  /usr/lib/jvm/jdk1.7.0_79/bin/javac - priority 100
+
  slave javac.1.gz is /usr/share/man/man1/javac.1.gz
 +
/usr/lib/jvm/java-11-openjdk-amd64/bin/javac - priority 1111
 +
  slave javac.1.gz: /usr/lib/jvm/java-11-openjdk-amd64/man/man1/javac.1.gz
 +
/usr/lib/jvm/java-17-openjdk-amd64/bin/javac - priority 1711
 +
  slave javac.1.gz: /usr/lib/jvm/java-17-openjdk-amd64/man/man1/javac.1.gz
 +
  /usr/lib/jvm/java-19-openjdk-amd64/bin/javac - priority 1911
 +
  slave javac.1.gz: /usr/lib/jvm/java-19-openjdk-amd64/man/man1/javac.1.gz
 +
/usr/lib/jvm/java-8-openjdk-amd64/bin/javac - priority 1081
 +
  slave javac.1.gz: /usr/lib/jvm/java-8-openjdk-amd64/man/man1/javac.1.gz
 +
 
 +
Pilih java
  
  $ update-alternatives --config java
+
  update-alternatives --config java
  (select java jdk1.7.0_79)
+
 
  $ update-alternatives --config javac
+
  There are 4 choices for the alternative java (providing /usr/bin/java).
 +
 +
  Selection    Path                                            Priority  Status
 +
------------------------------------------------------------
 +
  0            /usr/lib/jvm/java-19-openjdk-amd64/bin/java      1911      auto mode
 +
* 1            /usr/lib/jvm/java-11-openjdk-amd64/bin/java      1111      manual mode
 +
  2            /usr/lib/jvm/java-17-openjdk-amd64/bin/java      1711      manual mode
 +
  3            /usr/lib/jvm/java-19-openjdk-amd64/bin/java      1911      manual mode
 +
  4            /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java  1081      manual mode
 +
 +
Press <enter> to keep the current choice[*], or type selection number: 3
 +
update-alternatives: using /usr/lib/jvm/java-19-openjdk-amd64/bin/java to provide /usr/bin/java (java) in manual mode
 +
 
 +
Run,
 +
 
 +
  update-alternatives --config javac
 +
 
 +
There are 4 choices for the alternative javac (providing /usr/bin/javac).
 +
 +
  Selection    Path                                          Priority  Status
 +
------------------------------------------------------------
 +
  0            /usr/lib/jvm/java-19-openjdk-amd64/bin/javac  1911      auto mode
 +
* 1            /usr/lib/jvm/java-11-openjdk-amd64/bin/javac  1111      manual mode
 +
  2            /usr/lib/jvm/java-17-openjdk-amd64/bin/javac  1711      manual mode
 +
  3            /usr/lib/jvm/java-19-openjdk-amd64/bin/javac  1911      manual mode
 +
  4            /usr/lib/jvm/java-8-openjdk-amd64/bin/javac    1081      manual mode
 +
 +
Press <enter> to keep the current choice[*], or type selection number: 3
 +
update-alternatives: using /usr/lib/jvm/java-19-openjdk-amd64/bin/javac to provide /usr/bin/javac (javac) in manual mode
  
 
Check java version
 
Check java version
  
  $ java -version
+
  java -version
 +
 
 +
akan keluar kira2,
 +
 
 +
openjdk version "17.0.8" 2023-07-18
 +
OpenJDK Runtime Environment (build 17.0.8+7-Ubuntu-122.04)
 +
OpenJDK 64-Bit Server VM (build 17.0.8+7-Ubuntu-122.04, mixed mode, sharing)
 +
 
 +
atau
 +
 
 +
openjdk version "1.8.0_382"
 +
OpenJDK Runtime Environment (build 1.8.0_382-8u382-ga-1~22.04.1-b05)
 +
OpenJDK 64-Bit Server VM (build 25.382-b05, mixed mode)
  
  java version "1.7.0_79"
+
atau
  Java(TM) SE Runtime Environment (build 1.7.0_79-b15)
+
 
  Java HotSpot(TM) 64-Bit Server VM (build 24.79-b02, mixed mode)
+
  openjdk version "11.0.20" 2023-07-18
 +
  OpenJDK Runtime Environment (build 11.0.20+8-post-Ubuntu-1ubuntu122.04)
 +
OpenJDK 64-Bit Server VM (build 11.0.20+8-post-Ubuntu-1ubuntu122.04, mixed mode, sharing)
 +
 
 +
atau
 +
 
 +
openjdk version "19.0.2" 2023-01-17
 +
OpenJDK Runtime Environment (build 19.0.2+7-Ubuntu-0ubuntu322.04)
 +
  OpenJDK 64-Bit Server VM (build 19.0.2+7-Ubuntu-0ubuntu322.04, mixed mode, sharing)
  
 
==Install Ant==
 
==Install Ant==
  
$ cd ~
+
Install,
$ wget http://archive.apache.org/dist/ant/binaries/apache-ant-1.9.14-bin.tar.gz
 
$ tar xvfvz apache-ant-1.9.14-bin.tar.gz
 
$ mv apache-ant-1.9.14 /usr/local/
 
$ sh -c 'echo ANT_HOME=/usr/local/  >> /etc/environment'
 
$ ln -s /usr/local/apache-ant-1.9.14/bin/ant /usr/bin/ant
 
  
Verfiy ant version as follows:
+
sudo apt update
 +
sudo apt -y install ant
  
$ ant -version
+
Verfiy ant version as:
  
  Apache Ant(TM) version 1.9.14 compiled on March 12 2019
+
  ant -version
  
Create working directories for OpenIMSCore:
+
Apache Ant(TM) version 1.10.12 compiled on January 17 1970
  
$ mkdir /opt/OpenIMSCore
+
==Install FHoSS==
$ cd /opt/OpenIMSCore
 
  
Download:
+
Install
  
  $ git clone https://github.com/herlesupreeth/FHoSS
+
  rm -Rf /opt/OpenIMSCore
 +
mkdir /opt/OpenIMSCore
 +
cd /opt/OpenIMSCore
 +
git clone https://github.com/herlesupreeth/FHoSS
  
 
Compile:
 
Compile:
  
  $ cd FHoSS
+
  cd /opt/OpenIMSCore/FHoSS
  $ export JAVA_HOME="/usr/lib/jvm/jdk1.7.0_79"
+
  export JAVA_HOME="/usr/lib/jvm/java-17-openjdk-amd64/"
  $ export CLASSPATH="/usr/lib/jvm/jdk1.7.0_79/jre/lib/"
+
export CLASSPATH="/usr/share/gdb/auto-load/usr/lib/jvm/java-17-openjdk-amd64/jre/lib"
  $ ant compile deploy | tee ant_compile_deploy.txt
+
ant compile deploy | tee ant_compile_deploy.txt
 +
 
 +
atau,
 +
 
 +
cd /opt/OpenIMSCore/FHoSS
 +
export JAVA_HOME="/usr/lib/jvm/java-8-openjdk-amd64/"
 +
export CLASSPATH="/usr/lib/jvm/java-8-openjdk-amd64/jre/lib/"
 +
ant compile deploy | tee ant_compile_deploy.txt
 +
 
 +
atau,
 +
 
 +
cd /opt/OpenIMSCore/FHoSS
 +
export JAVA_HOME="/usr/lib/jvm/java-11-openjdk-amd64/"
 +
  export CLASSPATH="/usr/share/gdb/auto-load/usr/lib/jvm/java-11-openjdk-amd64/jre/lib/"
 +
ant compile deploy | tee ant_compile_deploy.txt
 +
 
 +
atau,
 +
 
 +
cd /opt/OpenIMSCore/FHoSS
 +
export JAVA_HOME="/usr/lib/jvm/java-19-openjdk-amd64/"
 +
export CLASSPATH="/usr/share/gdb/auto-load/usr/lib/jvm/java-19-openjdk-amd64/jre/lib/"
 +
  ant compile deploy | tee ant_compile_deploy.txt
 +
 
 +
Buat configurator.sh menggunakan script berikut untuk mengubah domain name dan IP address di semua file konfigurasi
  
Create configurator.sh using below script to change domain names and IP address in all configuration files
+
cd deploy
 +
vi configurator.sh
  
$ cd deploy
+
Masukan,
$ vim configurator.sh
 
  
 
  #!/bin/bash
 
  #!/bin/bash
Line 783: Line 897:
 
   fi
 
   fi
  
  $ chmod +x configurator.sh
+
Save, dan ijinkan untuk di excute,
  $ ./configurator.sh  
+
 
 +
  chmod +x configurator.sh
 +
  ./configurator.sh
 +
 
 +
Domain Name:ims.mnc070.mcc999.3gppnetwork.org
 +
IP Adress:10.45.0.1
 +
File to change ["all" for everything, "exit" to quit]:all
 +
changing: c3p0.properties DiameterPeerHSS.xml hibernate.properties hss.properties log4j.properties
 +
 
 +
Cek domain open-ims untuk di ubah menjadi ims.mnc070.mcc999.3gppnetwork.org
 +
 
 +
grep -r "open-ims"
 +
 
 +
Edit
 +
 
 +
vi webapps/hss.web.console/WEB-INF/web.xml
 +
 
 +
Pastikan,
 +
 
 +
  <!-- Define the Login Configuration for this Application -->
 +
  <login-config>
 +
    <auth-method>BASIC</auth-method>
 +
    <realm-name>ims.mnc070.mcc999.3gppnetwork.org</realm-name>
 +
  </login-config>
 +
 
 +
Cek,
 +
 
 +
vi hibernate.properties
 +
 
 +
Pastikan
 +
 
 +
##hibernate.connection.url=jdbc:mysql://10.45.0.1:3306/hss_db
 +
hibernate.connection.url=jdbc:mysql://127.0.0.1:3306/hss_db
 +
 
 +
Lakukan,
 +
 
 +
cp configurator.sh ../scripts/
 +
cd ../scripts
 +
grep -r "open-ims"
 +
./configurator.sh  
  
  Domain Name:ims.mnc001.mcc001.3gppnetwork.org
+
  Domain Name:ims.mnc070.mcc999.3gppnetwork.org
  IP Adress:10.4.128.21
+
  IP Adress:10.45.0.1
 +
File to change ["all" for everything, "exit" to quit]:all
 +
changing: hss_db_migrate_as_register.sql hss_db_migrate_dsai.sql hss_db.sql userdata.sql
  
$ grep -r "open-ims"
+
Lakukan,
(Change realm name in the below file from open-ims.test to ims.mnc001.mcc001.3gppnetwork.org)
 
$ vim webapps/hss.web.console/WEB-INF/web.xml
 
$ vim hibernate.properties
 
And, change the following line:
 
  
hibernate.connection.url=jdbc:mysql://127.0.0.1:3306/hss_db
+
cp configurator.sh ../config/
$ cp configurator.sh ../scripts/
+
cd ../config
$ cd ../scripts
+
./configurator.sh  
$ grep -r "open-ims"
 
$ ./configurator.sh  
 
Domain Name:ims.mnc001.mcc001.3gppnetwork.org
 
IP Adress:10.4.128.21
 
  
$ cp configurator.sh ../config/
+
Domain Name:ims.mnc070.mcc999.3gppnetwork.org
$ cd ../config
+
IP Adress:10.45.0.1
$ ./configurator.sh
+
File to change ["all" for everything, "exit" to quit]:all
Domain Name:ims.mnc001.mcc001.3gppnetwork.org
+
changing: c3p0.properties DiameterPeerHSS.xml hibernate.properties hss.properties log4j.properties
IP Adress:10.4.128.21
 
  
$ cd ../src-web
+
cd ../src-web
$ vim WEB-INF/web.xml
+
vi WEB-INF/web.xml
And, change open-ims.test to ims.mnc001.mcc001.3gppnetwork.org
 
  
Prepare mysql database:
+
Ubah open-ims.org ke ims.mnc070.mcc999.3gppnetwork.org
  
$ mysql
+
  <!-- Define the Login Configuration for this Application -->
<mysql> drop database hss_db;
+
  <login-config>
<mysql> create database hss_db;
+
    <auth-method>BASIC</auth-method>
<mysql> quit
+
    <realm-name>ims.mnc070.mcc999.3gppnetwork.org</realm-name>
Import database located at /opt/OpenIMSCore into hss_db
+
  </login-config>
  
$ cd /opt/OpenIMSCore
 
$ mysql -u root -p hss_db < FHoSS/scripts/hss_db.sql
 
$ mysql -u root -p hss_db < FHoSS/scripts/userdata.sql
 
Check grants for mysql access rights at first time installation:
 
  
$ mysql
+
Persiapkan database mysql,
# See last line in hss_db.sql:
 
<mysql> grant delete,insert,select,update on hss_db.* to hss@localhost identified by 'hss';
 
<mysql> grant delete,insert,select,update on hss_db.* to hss@'%' identified by 'hss';
 
Check database if domain names are o.k. in various entries and privileges
 
  
$ mysql -u hss -p
+
mysql
<mysql> show databases;
+
<mysql> use hss_db;
+
DROP DATABASE hss_db;
<mysql> select * from impu;
+
CREATE DATABASE hss_db;
Prepare script-file, start HSS
+
QUIT
  
Copy startup.sh to hss.sh in root directory
+
Edit,
  
$ cp /opt/OpenIMSCore/FHoSS/deploy/startup.sh /root/hss.sh
+
vi /opt/OpenIMSCore/FHoSS/scripts/hss_db.sql
And, add the following to hss.sh before echo Building Classpath
 
  
cd /opt/OpenIMSCore/FHoSS/deploy
+
Pastikan,
JAVA_HOME="/usr/lib/jvm/jdk1.7.0_79"
 
CLASSPATH="/usr/lib/jvm/jdk1.7.0_79/jre/lib/"
 
Start HSS using hss.sh
 
  
$ ./hss.sh
+
# DB access rights
Access the web-interface of HSS: http://<IMS_VM_FLOATING_IP>:8080/hss.web.console/
+
grant delete,insert,select,update on hss_db.* to hss@localhost identified by 'hss';
 +
grant delete,insert,select,update on hss_db.* to hss@'%' identified by 'hss';
  
For example, http://172.24.15.30:8080/hss.web.console/
+
Import database dari /opt/OpenIMSCore ke hss_db
  
user:      hssAdmin
+
cd /opt/OpenIMSCore
password: hss
+
  mysql -u root -p hss_db < FHoSS/scripts/hss_db.sql
Then, edit the /etc/hosts file as follows:
+
mysql -u root -p hss_db < FHoSS/scripts/userdata.sql
  
In the below example. epc-ims is the hostname of the machine
+
Cek database bahwa domain, privileges dll semua OK
 +
 
 +
mysql -u root -p
 +
 +
SHOW databases;
 +
USE hss_db;
 +
SELECT * from impu;
 +
QUIT
 +
 
 +
+----+---------------------------------------------+------+---------+------------+-------+-----------------+------------------+--------------+--------------+----------------+--------------+
 +
| id | identity                                    | type | barring | user_state | id_sp | id_implicit_set | id_charging_info | wildcard_psi | display_name | psi_activation | can_register |
 +
+----+---------------------------------------------+------+---------+------------+-------+-----------------+------------------+--------------+--------------+----------------+--------------+
 +
|  1 | sip:alice@ims.mnc070.mcc999.3gppnetwork.org |    0 |      0 |          0 |    1 |              1 |                1 |              |              |              0 |            1 |
 +
|  2 | sip:bob@ims.mnc070.mcc999.3gppnetwork.org  |    0 |      0 |          0 |    1 |              2 |                1 |              |              |              0 |            1 |
 +
+----+---------------------------------------------+------+---------+------------+-------+-----------------+------------------+--------------+--------------+----------------+--------------+
 +
 
 +
 
 +
Siapkan script-file, start HSS. Copy startup.sh ke hss.sh di root directory
 +
 
 +
cp /opt/OpenIMSCore/FHoSS/deploy/startup.sh /root/hss.sh
 +
 
 +
dan, tambahkan pada hss.sh sebelum echo "Building Classpath"
 +
 
 +
cd /opt/OpenIMSCore/FHoSS/deploy
 +
JAVA_HOME="/usr/lib/jvm/java-17-openjdk-amd64/"
 +
CLASSPATH="/usr/share/gdb/auto-load/usr/lib/jvm/java-17-openjdk-amd64/jre/lib"
 +
 
 +
atau
 +
 
 +
cd /opt/OpenIMSCore/FHoSS/deploy
 +
JAVA_HOME="/usr/lib/jvm/java-8-openjdk-amd64/"
 +
CLASSPATH="/usr/lib/jvm/java-8-openjdk-amd64/jre/lib"
 +
 
 +
atau
 +
 
 +
cd /opt/OpenIMSCore/FHoSS
 +
export JAVA_HOME="/usr/lib/jvm/java-11-openjdk-amd64/"
 +
export CLASSPATH="/usr/share/gdb/auto-load/usr/lib/jvm/java-11-openjdk-amd64/jre/lib/"
 +
 
 +
atau
 +
 
 +
cd /opt/OpenIMSCore/FHoSS
 +
export JAVA_HOME="/usr/lib/jvm/java-19-openjdk-amd64/"
 +
export CLASSPATH="/usr/share/gdb/auto-load/usr/lib/jvm/java-19-openjdk-amd64/jre/lib/"
 +
 
 +
 
 +
Sehingga isi hss.sh menjadi,
 +
 
 +
vi /root/hss.sh
 +
 
 +
Start HSS menggunakan hss.sh
 +
#!/bin/bash
 +
# --------------------------------------------------------------
 +
# Include JAR Files
 +
# --------------------------------------------------------------
 +
 +
cd /opt/OpenIMSCore/FHoSS
 +
export JAVA_HOME="/usr/lib/jvm/java-19-openjdk-amd64/"
 +
export CLASSPATH="/usr/share/gdb/auto-load/usr/lib/jvm/java-19-openjdk-amd64/jre/lib/:/opt/OpenIMSCore/FHoSS/deploy/lib/:/opt/OpenIMSCore/FHoSS/deploy/webapps/ROOT/WEB-INF/lib/:/opt/OpenIMSCore/FHoSS/deploy/webapps/hss.web.console/WEB-INF/lib/"
 +
echo "Building Classpath"
 +
CLASSPATH=$CLASSPATH:log4j.properties:.
 +
for i in lib/*.jar; do CLASSPATH="$i":"$CLASSPATH"; done
 +
echo "Classpath is $CLASSPATH."
 +
 +
# --------------------------------------------------------------
 +
# Start-up
 +
# --------------------------------------------------------------
 +
 +
$JAVA_HOME/bin/java -cp $CLASSPATH de.fhg.fokus.hss.main.HSSContainer $1 $2 $3 $4 $5 $6 $7 $8 $9
 +
 
 +
Jalankan hss.sh,
 +
 
 +
cd /root/
 +
./hss.sh
 +
 
 +
===ERROR===
 +
 
 +
Building Classpath
 +
Classpath is lib/xml-apis.jar:lib/xercesImpl.jar:lib/xerces-2.4.0.jar:lib/xalan- 2.4.0.jar:lib/struts.jar:lib/servlet-api.jar:lib/mysql-connector-java-5.1.49-bin.jar:lib/mx4j-3.0.1.jar:lib/log4j.jar:lib/junit.jar:lib/junitee.jar:lib/jta.jar:lib/jsp-api.jar:lib/jdp.jar:lib/hibernate3.jar:lib/ehcache-1.1.jar:lib/dom4j-1.6.1.jar:lib/commons-validator.jar:lib/commons-logging.jar:lib/commons-logging-1.0.4.jar:lib/commons-lang.jar:lib/commons-fileupload.jar:lib/commons-digester.jar:lib/commons-collections-3.1.jar:lib/commons-beanutils.jar:lib/cglib-2.1.3.jar:lib/catalina-optional.jar:lib/catalina.jar:lib/c3p0-0.9.1.jar:lib/base64.jar:lib/asm.jar:lib/asm-attrs.jar:lib/antlr-2.7.6.jar:/usr/share/gdb/auto-load/usr/lib/jvm/java-19-openjdk-amd64/jre/lib/:log4j.properties:..
 +
Error: Could not find or load main class de.fhg.fokus.hss.main.HSSContainer
 +
Caused by: java.lang.ClassNotFoundException: de.fhg.fokus.hss.main.HSSContainer
 +
 
 +
The script should be run from the deploy/ directory.
 +
 
 +
~/openimscore-hss/FHoSS/deploy$ JAVA_HOME=/usr/lib/jvm/java-7-openjdk-amd64 ./startup.sh
 +
 
 +
 
 +
 
 +
Padahal ada
 +
 
 +
/opt/OpenIMSCore/FHoSS/bin/de/fhg/fokus/hss/main/HSSContainer.class
 +
/opt/OpenIMSCore/FHoSS/deploy/webapps/hss.web.console/WEB-INF/classes/de/fhg/fokus/hss/main/HSSContainer.class
 +
/opt/OpenIMSCore/FHoSS/src/de/fhg/fokus/hss/main/HSSContainer.java
 +
 
 +
 
 +
 
 +
Access HSS Web
 +
 
 +
http://<IMS_VM_FLOATING_IP>:8080/hss.web.console/
 +
http://172.24.15.30:8080/hss.web.console/
 +
http://192.168.0.5:8080/hss.web.console/
 +
 
 +
user:      hssAdmin
 +
password:  hss
 +
 
 +
Edit /etc/hosts masukan contoh:
 +
 
 +
cat /etc/hosts
 +
 
 +
127.0.0.1    localhost
 +
127.0.0.1    epc-ims
 +
 
 +
==Add IMS subscription use in FoHSS as follows from the Web GUI==
  
root@epc-ims:~# cat /etc/hosts
 
127.0.0.1    localhost
 
127.0.0.1    epc-ims
 
20. Add IMS subscription use in FoHSS as follows from the Web GUI
 
 
Assuming IMSI of the user as 001010123456791 and MSISDN is 0198765432100
 
Assuming IMSI of the user as 001010123456791 and MSISDN is 0198765432100
  
Login to the HSS web console.
+
Login to the HSS web console.
Navigate to the User Identities page
+
Navigate to the User Identities page
Create the IMSU  
+
Create the IMSU  
Click IMS Subscription / Create
+
Click IMS Subscription / Create
Enter:
+
Enter:
Name = 001010123456791
+
Name = 001010123456791
Capabilities Set = cap_set1
+
Capabilities Set = cap_set1
Preferred S-CSCF = scsf1
+
Preferred S-CSCF = scsf1
Click Save
+
Click Save
  
Create the IMPI and Associate the IMPI to the IMSU
+
Create the IMPI and Associate the IMPI to the IMSU
Click Create & Bind new IMPI
+
Click Create & Bind new IMPI
Enter:
+
Enter:
Identity = 001010123456791@ims.mnc001.mcc001.3gppnetwork.org
+
Identity = 001010123456791@ims.mnc070.mcc999.3gppnetwork.org
Secret Key = 8baf473f2f8fd09487cccbd7097c6862 (Ki value as in Open5GS HSS database)
+
Secret Key = 8baf473f2f8fd09487cccbd7097c6862 (Ki value as in Open5GS HSS database)
Authentication Schemes - All
+
Authentication Schemes - All
Default = Digest-AKAv1-MD5
+
Default = Digest-AKAv1-MD5
AMF = 8000 (As in Open5GS HSS database)
+
AMF = 8000 (As in Open5GS HSS database)
OP = 11111111111111111111111111111111 (As in Open5GS HSS database)
+
OP = 11111111111111111111111111111111 (As in Open5GS HSS database)
SQN = 000000021090 (SQN value as in Open5GS HSS database)
+
SQN = 000000021090 (SQN value as in Open5GS HSS database)
Click Save
+
Click Save
  
Create and Associate IMPI to IMPU
+
Create and Associate IMPI to IMPU
Click Create & Bind new IMPU
+
Click Create & Bind new IMPU
Enter:
+
Enter:
Identity = sip:001010123456791@ims.mnc001.mcc001.3gppnetwork.org
+
Identity = sip:001010123456791@ims.mnc070.mcc999.3gppnetwork.org
Barring = Yes
+
Barring = Yes
Service Profile = default_sp
+
Service Profile = default_sp
Charging-Info Set = default_charging_set
+
Charging-Info Set = default_charging_set
IMPU Type = Public_User_Identity
+
IMPU Type = Public_User_Identity
Click Save
+
Click Save
  
Add Visited Network to IMPU
+
Add Visited Network to IMPU
Enter:
+
Enter:
Visited Network = ims.mnc001.mcc001.3gppnetwork.org
+
Visited Network = ims.mnc070.mcc999.3gppnetwork.org
Click Add
+
Click Add
  
 
Now, goto Public User Identity and create further IMPUs as following
 
Now, goto Public User Identity and create further IMPUs as following
Line 906: Line 1,148:
 
1. tel:0198765432100
 
1. tel:0198765432100
  
Public User Identity -IMPU-
+
Public User Identity -IMPU-
Identity = tel:0198765432100
+
Identity = tel:0198765432100
Service Profile = default_sp
+
Service Profile = default_sp
Charging-Info Set = default_charging_set
+
Charging-Info Set = default_charging_set
Can Register = Yes
+
Can Register = Yes
IMPU Type = Public_User_Identity
+
IMPU Type = Public_User_Identity
Click Save
+
Click Save
  
 
Add Visited Network to IMPU
 
Add Visited Network to IMPU
Enter:
+
 
Visited Network = ims.mnc001.mcc001.3gppnetwork.org
+
Enter:
Click Add
+
Visited Network = ims.mnc070.mcc999.3gppnetwork.org
 +
Click Add
  
 
Associate IMPI(s) to IMPU
 
Associate IMPI(s) to IMPU
IMPI Identity = 001010123456791@ims.mnc001.mcc001.3gppnetwork.org
+
IMPI Identity = 001010123456791@ims.mnc070.mcc999.3gppnetwork.org
Click Add
+
Click Add
  
2. sip:0198765432100@ims.mnc001.mcc001.3gppnetwork.org
+
2. sip:0198765432100@ims.mnc070.mcc999.3gppnetwork.org
  
Public User Identity -IMPU-
+
Public User Identity -IMPU-
Identity = sip:0198765432100@ims.mnc001.mcc001.3gppnetwork.org
+
Identity = sip:0198765432100@ims.mnc070.mcc999.3gppnetwork.org
Service Profile = default_sp
+
Service Profile = default_sp
Charging-Info Set = default_charging_set
+
Charging-Info Set = default_charging_set
Can Register = Yes
+
Can Register = Yes
IMPU Type = Public_User_Identity
+
IMPU Type = Public_User_Identity
Click Save
+
Click Save
  
 
Add Visited Network to IMPU
 
Add Visited Network to IMPU
Enter:
+
Enter:
Visited Network = ims.mnc001.mcc001.3gppnetwork.org
+
Visited Network = ims.mnc070.mcc999.3gppnetwork.org
Click Add
+
Click Add
  
 
Associate IMPI(s) to IMPU
 
Associate IMPI(s) to IMPU
IMPI Identity = 001010123456791@ims.mnc001.mcc001.3gppnetwork.org
+
IMPI Identity = 001010123456791@ims.mnc070.mcc999.3gppnetwork.org
Click Add
+
Click Add
 +
 
 +
And, finally add these IMPUs as implicit set of IMSI derived IMPU in HSS i.e sip:001010123456791@ims.mnc070.mcc999.3gppnetwork.org as follows:
 +
 
 +
1. Goto to IMPU sip:001010123456791@ims.mnc070.mcc999.3gppnetwork.org
 +
2. In "Add IMPU(s) to Implicit-Set" section give IMPU Identity created above to be added to this IMPU
 +
 
 +
==APN setting==
 +
 
 +
Buang semua APN setting sebelumnya.
 +
Buat APN sebagai berikut,
 +
 
 +
* Create internet APN, APN name: internet, APN type: default –> Save APN
 +
* Create ims APN,      APN name: ims,      APN type: ims    –> Save APN
 +
 
 +
==eNB setting==
 +
 
 +
Yang perlu di set di eNB:
 +
 
 +
* Support QoS
 +
* Support Dedicated radio bearer creation
 +
* Pastikan konfigurasi DRB untuk QCI dari APN (QCI 5 untuk ims)
 +
 
 +
Pada mesin eNB tambahkan routiung statik berikut (karena internal IP of the VM akan di advertised S1AP messages dan UE tidak akan mencapai core di Uplink)
 +
 
 +
ip r add 10.45.0.1/32 via 192.168.0.5
 +
ip r add 10.45.0.1/32 via 172.24.15.30
 +
 
 +
==USIM and UE settings==
 +
 
 +
Pastikan SQN check disable di Sysmocom SIM card menggunakan sysmo-usim-tool tool
 +
 
 +
https://github.com/herlesupreeth/sysmo-usim-tool
 +
 
 +
Test menggunakan OnePlus 5 menggunakan methoda berikut, (Official Google method lebih di rekomendasikan agar handphone tidak rusak)
 +
 
 +
* (Official Google method) - Ikuti instruksi link @herlesupreeth/CoIMS_Wiki untuk memaksa VoLTE enable menggunakan Carrier Privilege
 +
* (Risky method) Modifikasi untuk memaksa registrasi IMS atau UE tidak akan berusaha untuk connect ke P-CSCF. Perlu apply fix setelah setiap update. https://forum.xda-developers.com/oneplus-5t/how-to/guide-volte-vowifi-german-carriers-t3817542
  
And, finally add these IMPUs as implicit set of IMSI derived IMPU in HSS i.e sip:001010123456791@ims.mnc001.mcc001.3gppnetwork.org as follows:
+
==Test voice call==
  
1. Goto to IMPU sip:001010123456791@ims.mnc001.mcc001.3gppnetwork.org
+
user1
2. In "Add IMPU(s) to Implicit-Set" section give IMPU Identity created above to be added to this IMPU
+
* IMSI 001010123456791
21. APN settings
+
* MSISDN 0198765432100
Clear all previous APN settings
 
  
Then, create APN as follows:
+
user2
 +
* IMSI 001010123456792
 +
* MSISDN 0298765432100
  
First create internet APN, APN name: internet, APN type: default –> Save APN
+
Coba call user1 dan user2
Then, create ims APN, APN name: ims, APN type: ims –> Save APN
 
22. eNB settings
 
Must have in the eNB:
 
  
Support for QoS
+
==Untuk Debugging==
Support for Dedicated radio bearer creation
 
Make sure to check the DRB configuration with respect to QCI of APN accordingly (QCI 5 for ims)
 
On the eNB machine have the following static routes (since internal IP of the VM is advertised in S1AP messages and UE wont find the core in Uplink)
 
  
$ ip r add 10.4.128.21/32 via 172.24.15.30
+
Debug menggunakan wireshark pada Open5GS machine dan menggunakan wireshark display filter
23. USIM and UE settings
 
Make sure to disable SQN check in Sysmocom SIM cards using sysmo-usim-tool tool https://github.com/herlesupreeth/sysmo-usim-tool
 
Tested with OnePlus 5 with following methods (Official Google method is the recommended method to prevent damage to phone)
 
(Official Google method) - Please follow the instructions in the following link @herlesupreeth/CoIMS_Wiki to force enable VoLTE using Carrier Privileges
 
(Risky method) With modfication to enable force IMS registration is a must or else UE will not even attempt to connect to P-CSCF. Need to apply the fix back after each update. https://forum.xda-developers.com/oneplus-5t/how-to/guide-volte-vowifi-german-carriers-t3817542
 
24. Start IMS components and FoHSS followed by Open5GS and eNB, then try connecting the phones
 
25. Test voice call
 
Assuming IMSI of the user1 as 001010123456791 and MSISDN is 0198765432100 and IMSI of the user2 as 001010123456792 and MSISDN is 0298765432100. Try calling user2 from user1 by dialing its MSISDN ie. 0298765432100
 
  
You can see the sample traffic. – [volte.pcapng].
+
s1ap || gtpv2 || pfcp || diameter || diameter.3gpp || sip
26. For debugging
 
Debug using wireshark at Open5GS machine and following wireshark display filter
 
  
s1ap || gtpv2 || pfcp || diameter || diameter.3gpp || sip
+
Juga,
Also,
 
  
Debugging Diameter messages between PCRF and P-CSCF in Wireshark if the TCP/SCTP port other than 3868
+
Debugging Diameter messages antara PCRF dan P-CSCF di Wireshark jika TCP/SCTP port bukan 3868
  
Open Wireshark –> Preferences –> Protocols –> Diameter –> Change to whatever ports are being used
+
Open Wireshark –> Preferences –> Protocols –> Diameter –> Ubah ke port yang digunakan
  
 
==Referensi==
 
==Referensi==

Latest revision as of 08:57, 19 August 2023

Sumber: https://open5gs.org/open5gs/docs/tutorial/02-VoLTE-setup/


Asumsi Konfigurasi

  • OS Ubuntu 22.04
  • Open5GS & IMS satu mesin
  • Satu Interface enp0s3
  • IP Statik enp0s3 192.168.0.5/24 gateway 192.168.0.222
  • IP Statik ogstun 10.45.0.1/16 & 2001:db8:cafe::1/48
  • Domain mnc070.mcc999.3gppnetwork.org
  • APN internet
  • MCC 999 MNC 70

Install aplikasi pendukung ubuntu 22.04

apt update
apt upgrade -y
apt install -y mysql-server tcpdump screen ntp ntpdate git dkms gcc flex bison libmysqlclient-dev make libssl-dev libcurl4-openssl-dev libxml2-dev libpcre3-dev bash-completion g++ autoconf rtpproxy libmnl-dev libsctp-dev strongswan libradcli-dev libradcli4 python3-dev

Install MySQL mariadb

apt update
apt upgrade
apt -y install mariadb-server

Install Kamailio

Referensi: https://computingforgeeks.com/how-to-install-kamailio-sip-server-on-ubuntu/?expand_article=1

sudo apt -y install kamailio kamailio-mysql-modules kamailio-ims-modules kamailio-outbound-modules kamailio-presence-modules kamailio-xml-modules kamailio-tls-modules kamailio-utils-modules kamailio-sctp-modules kamailio-xmpp-modules

Edit kamctlrc

sudo vi /etc/kamailio/kamctlrc
DBENGINE=MYSQL
DBHOST=localhost

Restart

sudo systemctl restart kamailio
sudo systemctl enable kamailio
sudo systemctl status kamailio

Beberapa hal yang penting dari Kamailio. File binary dan script ada di,

/usr/sbin

Beberapa file binary penting,

kamailio - Kamailio SIP server
kamdbctl - script to create and manage the Databases
kamctl - script to manage and control Kamailio SIP server
kamcmd - CLI - command line tool to interface with Kamailio SIP server

Kamailio module di

/usr/lib/x86_64-linux-gnu/kamailio/modules

Kamailio documentation di

/usr/share/doc/kamailio

Kamailio konfigurasi

/etc/kamailio/

Setup MySQL database dengan kamctlrc

Set nilai SIP_DOMAIN dan DBENGINE. Edit kamctlrc

vi /etc/kamailio/kamctlrc

Cek IP address server anda, pastikan isi kamctlrc

SIP_DOMAIN=ims.mnc070.mcc999.3gppnetwork.org
SIP_DOMAIN=192.168.0.5     # jika tidak ada DNS server / BIND
DBENGINE=MYSQL

Run,

kamdbctl create

Masukan password, dan ketik

<ENTER>
utf32
y <ENTER>
y <ENTER>
y <ENTER>


Cek database,

mysql
SHOW databases;
USE kamailio;
SHOW tables;
SELECT * FROM subscriber;
QUIT

kamdbctl akan menambahkan dua user di MySQL username:password

kamailio:kamailiorw   - user untuk full access ke database kamailio
kamailioro:kamailioro - user untuk read-only ke database kamailio

Edit rtpproxy

Edit konfigurasi rtpproxy

vi /etc/default/rtpproxy

Ubah menjadi,

# Defaults for rtpproxy

# The control socket.
#CONTROL_SOCK="unix:/var/run/rtpproxy/rtpproxy.sock"
# To listen on an UDP socket, uncomment this line:
#CONTROL_SOCK=udp:127.0.0.1:22222
CONTROL_SOCK=udp:127.0.0.1:7722

# Additional options that are passed to the daemon.
# EXTRA_OPTS=""
# EXTRA_OPTS="-l 172.24.15.30 -d DBUG:LOG_LOCAL0"
EXTRA_OPTS="-l 192.168.0.5 -d DBUG:LOG_LOCAL0"

Dimana, -l <PUBLIC_IP> tergantung jaringan kita misalnya kita hanya beroperasi di LAN bisa menjadi 192.168.0.5

Restart,

systemctl restart rtpproxy
systemctl enable rtpproxy
systemctl status rtpproxy

Edit file konfigurasi untuk VoIP platform

Edit file

vi /etc/kamailio/kamailio.cfg

Cek IP address server. Masukan parameter ini ke file konfigurasi kamailio.cfg. Contoh

#!define WITH_MYSQL
#!define WITH_AUTH
#!define WITH_USRLOCDB
#!define WITH_NAT

(uncomment line ini)
auto_aliases=no

(uncomment line dan masuk hostname)
alias="ims.mnc070.mcc999.3gppnetwork.org"

(uncomment line, IP internal 10.4.128.21 and IP public 172.24.15.30)
listen=udp:10.4.128.21:5060 advertise 172.24.15.30:5060
listen=tcp:10.4.128.21:5060 advertise 172.24.15.30:5060

Contoh untuk IP server 192.168.0.5,

#!define WITH_MYSQL
#!define WITH_AUTH
#!define WITH_USRLOCDB
#!define WITH_NAT

/* uncomment the next line to disable the auto discovery of local aliases
 * based on reverse DNS on IPs (default on) */
auto_aliases=no

/* add local domain aliases - it can be set many times */
alias="ims.mnc070.mcc999.3gppnetwork.org"
alias="192.168.0.5"

/* listen sockets - if none set, Kamailio binds to all local IP addresses
 * - basic prototype (full prototype can be found in Wiki - Core Cookbook):
 *      listen=[proto]:[localip]:[lport] advertise [publicip]:[pport]
 * - it can be set many times to add more sockets to listen to */
listen=udp:192.168.0.5:5060
listen=udp:10.45.0.1:5060

Kita perlu memodifikasi rtpproxy_sock agar cocok CONTROL_SOCK di RTPProxy /etc/default/rtpproxy

modparam("rtpproxy", "rtpproxy_sock", "udp:127.0.0.1:7722")

Jika password user ‘kamailio’ untuk MySQL diubah, kita perlu update nilai ‘DBURL’ parameter.

Cek,

systemctl restart kamailio
systemctl status kamailio
kamcmd rtpproxy.list

init.d Kamailio

Edit

vi /etc/default/kamailio

Pastikan,

RUN_KAMAILIO=yes

Create the directory for pid file:

mkdir -p /var/run/kamailio

Restart kamailio,

systemctl daemon-reload
systemctl start kamailio.service
systemctl restart kamailio.service
systemctl enable kamailio.service
systemctl status kamailio.service

Cek kamailio yang running,

ps ax |grep kamailio

Cek SIP server

Buat subsciber account menggunakan

kamctl add <username> <password>

Jika di tanya MySQL password, gunakan password kamailio@localhost: type kamailiorw seperti kamailio.cfg

kamctl add test testpasswd
kamctl add test2 testpasswd

Setting SIP Phone,

username
password
server
outbound proxy server
transport type: UDP

Buat mysql database untuk pcscf, scscf and icscf

Download source code kamailio

sudo su
mkdir -p /usr/local/src/
cd /usr/local/src/
git clone https://github.com/herlesupreeth/kamailio
cd kamailio
git checkout -b 5.7 origin/5.7

Create database,

mysql
DROP DATABASE pcscf;
DROP DATABASE scscf;
DROP DATABASE icscf;

CREATE DATABASE pcscf;
CREATE DATABASE scscf;
CREATE DATABASE icscf;
QUIT


Lakukan perintah di bawah, jika di tanya mysql root user tekan ENTER.

cd /usr/local/src/kamailio/utils/kamctl/mysql
mysql -u root -p pcscf < standard-create.sql
mysql -u root -p pcscf < presence-create.sql
mysql -u root -p pcscf < ims_usrloc_pcscf-create.sql
mysql -u root -p pcscf < ims_dialog-create.sql

mysql -u root -p scscf < standard-create.sql
mysql -u root -p scscf < presence-create.sql
mysql -u root -p scscf < ims_usrloc_scscf-create.sql
mysql -u root -p scscf < ims_dialog-create.sql
mysql -u root -p scscf < ims_charging-create.sql

cd /usr/local/src/kamailio/misc/examples/ims/icscf
mysql -u root -p icscf < icscf.sql

Verify that following tables are present in respective databases by logging into mysql

mysql
USE pcscf;
SHOW tables;
 +-----------------+
 | Tables_in_pcscf |
 +-----------------+
 | active_watchers |
 | dialog_in       |
 | dialog_out      |
 | dialog_vars     |
 | location        |
 | presentity      |
 | pua             |
 | version         |
 | watchers        |
 | xcap            |
 +-----------------+


USE scscf;
SHOW tables;

 +-----------------+
 | Tables_in_scscf |
 +-----------------+
 | active_watchers |
 | contact         |
 | dialog_in       |
 | dialog_out      |
 | dialog_vars     |
 | impu            |
 | impu_contact    |
 | impu_subscriber |
 | presentity      |
 | pua             |
 | ro_session      |
 | subscriber      |
 | version         |
 | watchers        |
 | xcap            |
 +-----------------+
USE icscf;
SHOW tables;

 +---------------------+
 | Tables_in_icscf     |
 +---------------------+
 | nds_trusted_domains |
 | s_cscf              |
 | s_cscf_capabilities |
 +---------------------+
grant delete,insert,select,update on pcscf.* to pcscf@localhost identified by 'heslo';
grant delete,insert,select,update on scscf.* to scscf@localhost identified by 'heslo';
grant delete,insert,select,update on icscf.* to icscf@localhost identified by 'heslo';
grant delete,insert,select,update on icscf.* to provisioning@localhost identified by 'provi';
GRANT ALL PRIVILEGES ON pcscf.* TO 'pcscf'@'%' identified by 'heslo';
GRANT ALL PRIVILEGES ON scscf.* TO 'scscf'@'%' identified by 'heslo';
GRANT ALL PRIVILEGES ON icscf.* TO 'icscf'@'%' identified by 'heslo';
GRANT ALL PRIVILEGES ON icscf.* TO 'provisioning'@'%' identified by 'provi';
FLUSH PRIVILEGES;
QUIT

Selanjutnya (butuh setup DNS / BIND yang benar),

mysql
USE icscf;
INSERT INTO `nds_trusted_domains` VALUES (1,'ims.mnc070.mcc999.3gppnetwork.org');
INSERT INTO `s_cscf` VALUES (1,'First and only S-CSCF','sip:scscf.ims.mnc070.mcc999.3gppnetwork.org:6060');
INSERT INTO `s_cscf_capabilities` VALUES (1,1,0),(2,1,1);
QUIT


alternatif (jika DNS belum beres, gunakan IP address),

mysql

USE icscf;
INSERT INTO nds_trusted_domains VALUES (1,'192.168.0.5');
INSERT INTO s_cscf VALUES (1,'First and only S-CSCF','sip:192.168.0.5:6060');
INSERT INTO s_cscf_capabilities VALUES (1,1,0),(2,1,1);
QUIT

Copy file konfigurasi pcscf, icscf & scscf ke folder /etc dan edit

Copy konfigurasi

cd /usr/local/src/ && git clone https://github.com/herlesupreeth/Kamailio_IMS_Config
cd Kamailio_IMS_Config
cp -r kamailio_icscf /etc
cp -r kamailio_pcscf /etc
cp -r kamailio_scscf /etc

ICSCF Edit supaya Domain mnc070.mcc999.3gppnetwork.org & IP 10.45.0.1

vi /etc/kamailio_icscf/icscf.cfg
# SIP / UDP
listen=udp:10.45.0.1:4060
# listen=udp:10.4.128.21:4060
#listen=udp:10.4.128.21:4060 advertise 172.24.15.30:4060
# SIP / TCP
listen=tcp:10.45.0.1:4060
# listen=tcp:10.4.128.21:4060
#listen=tcp:10.4.128.21:4060 advertise 172.24.15.30:4060
# SIP / TCP/TLS
#listen=tls:11.22.33.44:4061
alias=ims.mnc070.mcc999.3gppnetwork.org
#!define NETWORKNAME "ims.mnc070.mcc999.3gppnetwork.org"
#!define HOSTNAME "icscf.ims.mnc099.mcc999.3gppnetwork.org"
#!subst "/NETWORKNAME/ims.mnc070.mcc999.3gppnetwork.org/"
#!subst "/HSS_REALM/ims.mnc070.mcc999.3gppnetwork.org/"
#!define ENUM_SUFFIX "ims.mnc070.mcc999.3gppnetwork.org."
# SIP-Address of capturing node, if not set, capturing is disabled.
##!define CAPTURE_NODE "sip:127.0.0.1:9060"
# Connection URL for the database:
#!define DB_URL "mysql://icscf:heslo@localhost/icscf"
##!define DB_URL2 "con2=>mysql://icscf:heslo@127.0.0.1/icscf"
vi /etc/kamailio_icscf/icscf.xml
<?xml version="1.0" encoding="UTF-8"?>
<DiameterPeer 
        FQDN="icscf.ims.mnc070.mcc999.3gppnetwork.org"
        Realm="ims.mnc070.mcc999.3gppnetwork.org"
        Vendor_Id="10415"
        Product_Name="CDiameterPeer"
        AcceptUnknownPeers="1"
        DropUnknownOnDisconnect="1"
        Tc="30"
        Workers="16"
        QueueLength="32"
        TransactionTimeout="5"
        SessionsHashSize="128"
        DefaultAuthSessionTimeout="3600"
        MaxAuthSessionTimeout="3600"
>
        <Peer FQDN="hss.ims.mnc070.mcc999.3gppnetwork.org" Realm="ims.mnc070.mcc999.3gppnetwork.org" port="3868"/>
        <Acceptor port="3869" bind="10.45.0.1"/>
        <Auth id="16777216" vendor="10415"/>
        <Auth id="16777216" vendor="4491"/>
        <Auth id="16777216" vendor="13019"/>
        <Auth id="16777216" vendor="0"/> 
        <SupportedVendor vendor="10415" />
        <DefaultRoute FQDN="hss.ims.mnc070.mcc999.3gppnetwork.org" metric="10"/>
</DiameterPeer>


PCSCF Edit supaya Domain mnc070.mcc999.3gppnetwork.org & IP 10.45.0.1

vi /etc/kamailio_pcscf/pcscf.cfg
# IP-Adress for incoming SIP-Traffic, in the following format:
# SIP / UDP
listen=udp:10.45.0.1:5060
# listen=udp:10.4.128.21:5060
# Uncomment the below line only when UE is behind double NAT (e.g. VoIP calling over WiFi/ CN behind a NAT)
#listen=udp:10.4.128.21:5060 advertise 172.24.15.30:5060
# SIP / TCP
listen=tcp:10.45.0.1:5060
# listen=tcp:10.4.128.21:5060
# Uncomment the below line only when UE is behind double NAT (e.g. VoIP calling over WiFi/ CN behind a NAT)
#listen=tcp:10.4.128.21:5060 advertise 172.24.15.30:5060
# SIP / TCP/TLS
#listen=tls:11.22.33.44:5061
# IPSEC / UDP
#!define IPSEC_LISTEN_ADDR "10.45.0.1"
##!define IPSEC_LISTEN_ADDR "10.4.128.21"
#!define IPSEC_CLIENT_PORT 5100
#!define IPSEC_SERVER_PORT 6100
#!define IPSEC_MAX_CONN 10
# IP used in Rx_AAR_Register - IP of this P-CSCF, to be used in the flow for the AF-signaling
#!define RX_AF_SIGNALING_IP "10.45.0.1"
##!define RX_AF_SIGNALING_IP "10.4.128.21"
# Uncomment the below line only when UE is behind double NAT (e.g. VoIP calling over WiFi/ CN behind a NAT)
##!define RX_AF_SIGNALING_IP "172.24.15.30" 
alias=pcscf.ims.mnc070.mcc999.3gppnetwork.org
#!define MY_WS_PORT 80
#!define MY_WSS_PORT 443
#!define PCSCF_URL "sip:pcscf.ims.mnc070.mcc999.3gppnetwork.org:5060"
#!define TCP_PROCESSES 8
#!subst "/NETWORKNAME/ims.mnc070.mcc999.3gppnetwork.org/"
#!subst "/HOSTNAME/pcscf.ims.mnc070.mcc999.3gppnetwork.org/"
#!subst "/PCRF_REALM/epc.mnc070.mcc999.3gppnetwork.org/"
# SIP-Address of capturing node, if not set, capturing is disabled.
##!define CAPTURE_NODE "sip:127.0.0.1:9060"
# Allowed IPs for XML-RPC-Queries
##!define XMLRPC_WHITELIST_1 "127.0.0.1"
##!define XMLRPC_WHITELIST_2 "127.0.0.1"
##!define XMLRPC_WHITELIST_3 "127.0.0.1"
# Databases:
#!define DB_URL "mysql://pcscf:heslo@127.0.0.1/pcscf"
##!define DB_URL2 "con2=>mysql://pcscf:heslo@127.0.0.1/pcscf"
#!define SQLOPS_DBURL "pcscf=>mysql://pcscf:heslo@127.0.0.1/pcscf"
#! Optional: Server-URL for Websocket-Requests
##!define WEBSOCKET_WEBSERVER "phone.ng-voice.com"
##!define TRF_FUNCTION "trf.ims.mnc070.mcc999.3gppnetwork.org"


vi /etc/kamailio_pcscf/pcscf.xml
<?xml version="1.0" encoding="UTF-8"?>
<DiameterPeer 
        FQDN="pcscf.ims.mnc070.mcc999.3gppnetwork.org"
        Realm="ims.mnc070.mcc999.3gppnetwork.org"
        Vendor_Id="10415"
        Product_Name="CDiameterPeer"
        AcceptUnknownPeers="1"
        DropUnknownOnDisconnect="1"
        Tc="30"
        Workers="4"
        QueueLength="8"
        TransactionTimeout="5"
        SessionsHashSize="128"
        DefaultAuthSessionTimeout="3600"
        MaxAuthSessionTimeout="3600"
>
        <Peer FQDN="pcrf.epc.mnc070.mcc999.3gppnetwork.org" Realm="epc.mnc070.mcc999.3gppnetwork.org" port="3868"/>
        <Acceptor port="3871" bind="10.45.0.1"/>
        <Auth id="16777236" vendor="10415"/> 
        <Auth id="16777236" vendor="0"/>  
        <DefaultRoute FQDN="pcrf.epc.mnc070.mcc999.3gppnetwork.org" metric="10"/>
</DiameterPeer>

SCSCF Edit supaya Domain mnc070.mcc999.3gppnetwork.org & IP 10.45.0.1

vi /etc/kamailio_scscf/scscf.cfg
# SIP / UDP
listen=udp:10.45.0.1:6060
#listen=udp:10.4.128.21:6060
#listen=udp:10.4.128.21:6060 advertise 172.24.15.30:6060
# SIP / TCP
listen=tcp:10.45.0.1:6060
#listen=tcp:10.4.128.21:6060
#listen=tcp:10.4.128.21:6060 advertise 172.24.15.30:6060
# SIP / TCP/TLS
#listen=tls:11.22.33.44:6061
#!define NETWORKNAME "ims.mnc070.mcc999.3gppnetwork.org"
#!define NETWORKNAME_ESC "ims\.mnc070\.mcc999\.3gppnetwork\.org"
#!define HOSTNAME "scscf.ims.mnc070.mcc999.3gppnetwork.org"
#!define HOSTNAME_ESC "scscf\.ims\.mnc070\.mcc999\.3gppnetwork\.org"
#!define URI "sip:scscf.ims.mnc070.mcc999.3gppnetwork.org:6060"
#!subst "/NETWORKNAME/ims.mnc070.mcc999.3gppnetwork.org/"
#!subst "/HSS_REALM/ims.mnc070.mcc999.3gppnetwork.org/"
alias=scscf.ims.mnc070.mcc999.3gppnetwork.org
# ENUM-Server to query:
#!define ENUM_SUFFIX "ims.mnc070.mcc999.3gppnetwork.org."
# SIP-Address of capturing node, if not set, capturing is disabled.
##!define CAPTURE_NODE "sip:127.0.0.1:9060"
# Connection URL for the database:
# For use with a single database:
#!define DB_URL "mysql://scscf:heslo@127.0.0.1/scscf"
# For use with DB_Cluster: con1 (primary), con2 (backup)
##!define DB_URL "con1=>mysql://scscf:heslo@127.0.0.1/scscf"
##!define DB_URL2 "con2=>mysql://scscf:heslo@127.0.0.1/scscf"


vi /etc/kamailio_scscf/scscf.xml
<?xml version="1.0" encoding="UTF-8"?>
<DiameterPeer 
        FQDN="scscf.ims.mnc070.mcc999.3gppnetwork.org"
        Realm="ims.mnc070.mcc999.3gppnetwork.org"
        Vendor_Id="10415"
        Product_Name="CDiameterPeer"
        AcceptUnknownPeers="1"
        DropUnknownOnDisconnect="1"
        Tc="30"
        Workers="16"
        QueueLength="32"
        TransactionTimeout="5"
        SessionsHashSize="128"
        DefaultAuthSessionTimeout="3600"
        MaxAuthSessionTimeout="3600"
>
        <Peer FQDN="hss.ims.mnc070.mcc999.3gppnetwork.org" Realm="ims.mnc070.mcc999.3gppnetwork.org" port="3868"/>
        <Acceptor port="3870" bind="10.45.0.1"/>
        <Auth id="16777216" vendor="10415"/>
        <Auth id="16777216" vendor="4491"/>
        <Auth id="16777216" vendor="13019"/>
        <Auth id="16777216" vendor="0"/>
        <Auth id="4" vendor="10415"/> 
        <Acct id="4" vendor="10415" />
        <SupportedVendor vendor="10415" />
        <DefaultRoute FQDN="hss.ims.mnc070.mcc999.3gppnetwork.org" metric="10"/>
</DiameterPeer>

Running I-CSCF, P-CSCF and S-CSCF as separate process

First, stop the default kamailio SIP server

systemctl stop kamailio
systemctl disable kamailio
systemctl mask kamailio

Run all the process as root and NOT sudo

mkdir -p /var/run/kamailio_pcscf
kamailio -f /etc/kamailio_pcscf/kamailio_pcscf.cfg -P /kamailio_pcscf.pid -DD -E -e
mkdir -p /var/run/kamailio_scscf
kamailio -f /etc/kamailio_scscf/kamailio_scscf.cfg -P /kamailio_scscf.pid -DD -E -e
mkdir -p /var/run/kamailio_icscf
kamailio -f /etc/kamailio_icscf/kamailio_icscf.cfg -P /kamailio_icscf.pid -DD -E -e

Install Open5GS di mesin yang sama dengan Kamailio IMS

Please refer to instructions at https://open5gs.org/open5gs/docs/guide/02-building-open5gs-from-sources/

Instal Open5GS dan Kamailio IMS pada mesin yang sama menjadi penting karena Framed-IP-Address di AAR request via Rx interface akan mengambil received IP address dan port di ims_qos module, oleh karenanya, jika Open5GS berbeda VM/mesin, akan di NAT sehingga kemungkian AAR request akan gagal.

Silahkan ikuti petunjuk konfigurasi Open5GS. Pada dasarnya yang dilakukan adalah,

  • Ubah realm ke epc.mnc070.mcc999.3gppnetwork.org
  • Define IP pool APN yang digunakan satu untuk APN default (internet) dan satu untuk IMS APN
  • Define P-CSCF address dalam konfigurasi pgw
  • Define ConnectPeer untuk pcscf.ims.mnc070.mcc777.3gppnetwork.org dengan IP port seperti PCRF freediameter configuration
  • Setup IP tables untuk UE pool untuk tun interface

ufw disable

Add user dengan setting APN berikut di Open5GS:

Konfigurasi APN:

---------------------------------------------------------------------------------------------------------------------
| APN      | Type | QCI | ARP | Capability | Vulnerablility | MBR DL/UL(Kbps)     | GBR DL/UL(Kbps) | PGW IP        |
---------------------------------------------------------------------------------------------------------------------
| internet | IPv4 | 9   | 8   | Disabled   | Disabled       | unlimited/unlimited |                 |               
|
---------------------------------------------------------------------------------------------------------------------
| ims      | IPv4 | 5   | 1   | Disabled   | Disabled       | 3850/1530           |                 |               
|
|          |      | 1   | 2   | Enabled    | Enabled        | 128/128             | 128/128         |               
|
|          |      | 2   | 4   | Enabled    | Enabled        | 128/128             | 128/128         |               
|
---------------------------------------------------------------------------------------------------------------------

Akhirnya, pastikan hal ini di Open5GS

  • PCO option mengindikasikan address dari Proxy-CSCF
  • Perlu di indikasikan support untuk Voice-over-Packet-Switched (VoPS) di NAS message ke UE dari EPC

Setup FoHSS agar bisa berbicara dengan I-CSCF dan S-CSCF

Untuk kebutuhan FoHSS: Install Java JDK and ant

Jika menggunakan Oracle Java

Install menggunakan perintah,

mkdir -p  /usr/lib/jvm/
tar -zxf java.tar.gz -C /usr/lib/jvm/
update-alternatives --install /usr/bin/java java /usr/lib/jvm/jdk1.7.0_79/bin/java 100
update-alternatives --install /usr/bin/javac javac /usr/lib/jvm/jdk1.7.0_79/bin/javac 100

Jika menggunakan OpenJDK

Install,

apt update
apt -y install openjdk-17-jdk openjdk-8-jdk default-jdk openjdk-19-jdk

Verifikasi java berhasil di konfigurasi dengan baik, jalankan

update-alternatives --display java

akan keluar kira2,

java - manual mode
  link best version is /usr/lib/jvm/java-19-openjdk-amd64/bin/java
  link currently points to /usr/lib/jvm/java-11-openjdk-amd64/bin/java
  link java is /usr/bin/java
  slave java.1.gz is /usr/share/man/man1/java.1.gz
/usr/lib/jvm/java-11-openjdk-amd64/bin/java - priority 1111
  slave java.1.gz: /usr/lib/jvm/java-11-openjdk-amd64/man/man1/java.1.gz
/usr/lib/jvm/java-17-openjdk-amd64/bin/java - priority 1711
  slave java.1.gz: /usr/lib/jvm/java-17-openjdk-amd64/man/man1/java.1.gz
/usr/lib/jvm/java-19-openjdk-amd64/bin/java - priority 1911
  slave java.1.gz: /usr/lib/jvm/java-19-openjdk-amd64/man/man1/java.1.gz
/usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java - priority 1081
  slave java.1.gz: /usr/lib/jvm/java-8-openjdk-amd64/jre/man/man1/java.1.gz

run,

update-alternatives --display javac

akan keluar kira2,

javac - manual mode
  link best version is /usr/lib/jvm/java-19-openjdk-amd64/bin/javac
  link currently points to /usr/lib/jvm/java-11-openjdk-amd64/bin/javac
  link javac is /usr/bin/javac
  slave javac.1.gz is /usr/share/man/man1/javac.1.gz
/usr/lib/jvm/java-11-openjdk-amd64/bin/javac - priority 1111
  slave javac.1.gz: /usr/lib/jvm/java-11-openjdk-amd64/man/man1/javac.1.gz
/usr/lib/jvm/java-17-openjdk-amd64/bin/javac - priority 1711
  slave javac.1.gz: /usr/lib/jvm/java-17-openjdk-amd64/man/man1/javac.1.gz
/usr/lib/jvm/java-19-openjdk-amd64/bin/javac - priority 1911
  slave javac.1.gz: /usr/lib/jvm/java-19-openjdk-amd64/man/man1/javac.1.gz
/usr/lib/jvm/java-8-openjdk-amd64/bin/javac - priority 1081
  slave javac.1.gz: /usr/lib/jvm/java-8-openjdk-amd64/man/man1/javac.1.gz

Pilih java

update-alternatives --config java
There are 4 choices for the alternative java (providing /usr/bin/java).

  Selection    Path                                            Priority   Status
------------------------------------------------------------
  0            /usr/lib/jvm/java-19-openjdk-amd64/bin/java      1911      auto mode
* 1            /usr/lib/jvm/java-11-openjdk-amd64/bin/java      1111      manual mode
  2            /usr/lib/jvm/java-17-openjdk-amd64/bin/java      1711      manual mode
  3            /usr/lib/jvm/java-19-openjdk-amd64/bin/java      1911      manual mode
  4            /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java   1081      manual mode

Press <enter> to keep the current choice[*], or type selection number: 3
update-alternatives: using /usr/lib/jvm/java-19-openjdk-amd64/bin/java to provide /usr/bin/java (java) in manual mode

Run,

update-alternatives --config javac
There are 4 choices for the alternative javac (providing /usr/bin/javac).

  Selection    Path                                          Priority   Status
------------------------------------------------------------
  0            /usr/lib/jvm/java-19-openjdk-amd64/bin/javac   1911      auto mode
* 1            /usr/lib/jvm/java-11-openjdk-amd64/bin/javac   1111      manual mode
  2            /usr/lib/jvm/java-17-openjdk-amd64/bin/javac   1711      manual mode
  3            /usr/lib/jvm/java-19-openjdk-amd64/bin/javac   1911      manual mode
  4            /usr/lib/jvm/java-8-openjdk-amd64/bin/javac    1081      manual mode

Press <enter> to keep the current choice[*], or type selection number: 3
update-alternatives: using /usr/lib/jvm/java-19-openjdk-amd64/bin/javac to provide /usr/bin/javac (javac) in manual mode

Check java version

java -version

akan keluar kira2,

openjdk version "17.0.8" 2023-07-18
OpenJDK Runtime Environment (build 17.0.8+7-Ubuntu-122.04)
OpenJDK 64-Bit Server VM (build 17.0.8+7-Ubuntu-122.04, mixed mode, sharing)

atau

openjdk version "1.8.0_382"
OpenJDK Runtime Environment (build 1.8.0_382-8u382-ga-1~22.04.1-b05)
OpenJDK 64-Bit Server VM (build 25.382-b05, mixed mode)

atau

openjdk version "11.0.20" 2023-07-18
OpenJDK Runtime Environment (build 11.0.20+8-post-Ubuntu-1ubuntu122.04)
OpenJDK 64-Bit Server VM (build 11.0.20+8-post-Ubuntu-1ubuntu122.04, mixed mode, sharing)

atau

openjdk version "19.0.2" 2023-01-17
OpenJDK Runtime Environment (build 19.0.2+7-Ubuntu-0ubuntu322.04)
OpenJDK 64-Bit Server VM (build 19.0.2+7-Ubuntu-0ubuntu322.04, mixed mode, sharing)

Install Ant

Install,

sudo apt update
sudo apt -y install ant

Verfiy ant version as:

ant -version
Apache Ant(TM) version 1.10.12 compiled on January 17 1970

Install FHoSS

Install

rm -Rf /opt/OpenIMSCore
mkdir /opt/OpenIMSCore
cd /opt/OpenIMSCore
git clone https://github.com/herlesupreeth/FHoSS

Compile:

cd /opt/OpenIMSCore/FHoSS
export JAVA_HOME="/usr/lib/jvm/java-17-openjdk-amd64/"
export CLASSPATH="/usr/share/gdb/auto-load/usr/lib/jvm/java-17-openjdk-amd64/jre/lib"
ant compile deploy | tee ant_compile_deploy.txt

atau,

cd /opt/OpenIMSCore/FHoSS
export JAVA_HOME="/usr/lib/jvm/java-8-openjdk-amd64/"
export CLASSPATH="/usr/lib/jvm/java-8-openjdk-amd64/jre/lib/"
ant compile deploy | tee ant_compile_deploy.txt

atau,

cd /opt/OpenIMSCore/FHoSS
export JAVA_HOME="/usr/lib/jvm/java-11-openjdk-amd64/"
export CLASSPATH="/usr/share/gdb/auto-load/usr/lib/jvm/java-11-openjdk-amd64/jre/lib/"
ant compile deploy | tee ant_compile_deploy.txt

atau,

cd /opt/OpenIMSCore/FHoSS
export JAVA_HOME="/usr/lib/jvm/java-19-openjdk-amd64/"
export CLASSPATH="/usr/share/gdb/auto-load/usr/lib/jvm/java-19-openjdk-amd64/jre/lib/"
ant compile deploy | tee ant_compile_deploy.txt

Buat configurator.sh menggunakan script berikut untuk mengubah domain name dan IP address di semua file konfigurasi

cd deploy
vi configurator.sh

Masukan,

#!/bin/bash

# Initialization & global vars
# if you execute this script for the second time
# you should change these variables to the latest
# domain name and ip address
DDOMAIN="open-ims\.test"
DSDOMAIN="open-ims\\\.test"
DEFAULTIP="127\.0\.0\.1"
CONFFILES=`ls *.cfg *.xml *.sql *.properties 2>/dev/null`

# Interaction
printf "Domain Name:"
read domainname 
printf "IP Adress:"
read ip_address

# input domain is to be slashed for cfg regexes 
slasheddomain=`echo $domainname | sed 's/\./\\\\\\\\\./g'`

  if [ $# != 0 ] 
  then 
  printf "changing: "
      for j in $* 
      do
    sed -i -e "s/$DDOMAIN/$domainname/g" $j
    sed -i -e "s/$DSDOMAIN/$slasheddomain/g" $j
    sed -i -e "s/$DEFAULTIP/$ip_address/g" $j
    printf "$j " 
      done
  echo 
  else 
  printf "File to change [\"all\" for everything, \"exit\" to quit]:"
  # loop
      while read filename ;
      do
        if [ "$filename" = "exit" ] 
        then 
        printf "exitting...\n"
        break ;

      elif [ "$filename" = "all" ]
      then    
          printf "changing: "
         for i in $CONFFILES 
         do
        sed -i -e "s/$DDOMAIN/$domainname/g" $i
        sed -i -e "s/$DSDOMAIN/$slasheddomain/g" $i
        sed -i -e "s/$DEFAULTIP/$ip_address/g" $i
        
        printf "$i " 
         done 
         echo 
         break; 

        elif [ -w $filename ] 
        then
            printf "changing $filename \n"
            sed -i -e "s/$DDOMAIN/$domainname/g" $filename
            sed -i -e "s/$DSDOMAIN/$slasheddomain/g" $filename
            sed -i -e "s/$DEFAULTIP/$ip_address/g" $filename 

          else 
          printf "cannot access file $filename. skipping... \n" 
        fi
        printf "File to Change:"
      done 
  fi

Save, dan ijinkan untuk di excute,

chmod +x configurator.sh
./configurator.sh 
Domain Name:ims.mnc070.mcc999.3gppnetwork.org
IP Adress:10.45.0.1
File to change ["all" for everything, "exit" to quit]:all
changing: c3p0.properties DiameterPeerHSS.xml hibernate.properties hss.properties log4j.properties 

Cek domain open-ims untuk di ubah menjadi ims.mnc070.mcc999.3gppnetwork.org

grep -r "open-ims"

Edit

vi webapps/hss.web.console/WEB-INF/web.xml

Pastikan,

  <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>ims.mnc070.mcc999.3gppnetwork.org</realm-name>
  </login-config>

Cek,

vi hibernate.properties

Pastikan

##hibernate.connection.url=jdbc:mysql://10.45.0.1:3306/hss_db
hibernate.connection.url=jdbc:mysql://127.0.0.1:3306/hss_db

Lakukan,

cp configurator.sh ../scripts/
cd ../scripts
grep -r "open-ims"
./configurator.sh 
Domain Name:ims.mnc070.mcc999.3gppnetwork.org
IP Adress:10.45.0.1
File to change ["all" for everything, "exit" to quit]:all
changing: hss_db_migrate_as_register.sql hss_db_migrate_dsai.sql hss_db.sql userdata.sql 

Lakukan,

cp configurator.sh ../config/
cd ../config
./configurator.sh 
Domain Name:ims.mnc070.mcc999.3gppnetwork.org
IP Adress:10.45.0.1
File to change ["all" for everything, "exit" to quit]:all
changing: c3p0.properties DiameterPeerHSS.xml hibernate.properties hss.properties log4j.properties 
cd ../src-web
vi WEB-INF/web.xml

Ubah open-ims.org ke ims.mnc070.mcc999.3gppnetwork.org

  <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>ims.mnc070.mcc999.3gppnetwork.org</realm-name>
  </login-config>


Persiapkan database mysql,

mysql

DROP DATABASE hss_db;
CREATE DATABASE hss_db;
QUIT

Edit,

vi /opt/OpenIMSCore/FHoSS/scripts/hss_db.sql

Pastikan,

# DB access rights
grant delete,insert,select,update on hss_db.* to hss@localhost identified by 'hss';
grant delete,insert,select,update on hss_db.* to hss@'%' identified by 'hss';

Import database dari /opt/OpenIMSCore ke hss_db

cd /opt/OpenIMSCore
mysql -u root -p hss_db < FHoSS/scripts/hss_db.sql
mysql -u root -p hss_db < FHoSS/scripts/userdata.sql

Cek database bahwa domain, privileges dll semua OK

mysql -u root -p

SHOW databases;
USE hss_db;
SELECT * from impu;
QUIT
+----+---------------------------------------------+------+---------+------------+-------+-----------------+------------------+--------------+--------------+----------------+--------------+
| id | identity                                    | type | barring | user_state | id_sp | id_implicit_set | id_charging_info | wildcard_psi | display_name | psi_activation | can_register |
+----+---------------------------------------------+------+---------+------------+-------+-----------------+------------------+--------------+--------------+----------------+--------------+
|  1 | sip:alice@ims.mnc070.mcc999.3gppnetwork.org |    0 |       0 |          0 |     1 |               1 |                1 |              |              |              0 |            1 |
|  2 | sip:bob@ims.mnc070.mcc999.3gppnetwork.org   |    0 |       0 |          0 |     1 |               2 |                1 |              |              |              0 |            1 |
+----+---------------------------------------------+------+---------+------------+-------+-----------------+------------------+--------------+--------------+----------------+--------------+


Siapkan script-file, start HSS. Copy startup.sh ke hss.sh di root directory

cp /opt/OpenIMSCore/FHoSS/deploy/startup.sh /root/hss.sh

dan, tambahkan pada hss.sh sebelum echo "Building Classpath"

cd /opt/OpenIMSCore/FHoSS/deploy
JAVA_HOME="/usr/lib/jvm/java-17-openjdk-amd64/"
CLASSPATH="/usr/share/gdb/auto-load/usr/lib/jvm/java-17-openjdk-amd64/jre/lib"

atau

cd /opt/OpenIMSCore/FHoSS/deploy
JAVA_HOME="/usr/lib/jvm/java-8-openjdk-amd64/"
CLASSPATH="/usr/lib/jvm/java-8-openjdk-amd64/jre/lib"

atau

cd /opt/OpenIMSCore/FHoSS
export JAVA_HOME="/usr/lib/jvm/java-11-openjdk-amd64/"
export CLASSPATH="/usr/share/gdb/auto-load/usr/lib/jvm/java-11-openjdk-amd64/jre/lib/"

atau

cd /opt/OpenIMSCore/FHoSS
export JAVA_HOME="/usr/lib/jvm/java-19-openjdk-amd64/"
export CLASSPATH="/usr/share/gdb/auto-load/usr/lib/jvm/java-19-openjdk-amd64/jre/lib/"


Sehingga isi hss.sh menjadi,

vi /root/hss.sh
Start HSS menggunakan hss.sh
#!/bin/bash
# --------------------------------------------------------------
# Include JAR Files
# --------------------------------------------------------------

cd /opt/OpenIMSCore/FHoSS
export JAVA_HOME="/usr/lib/jvm/java-19-openjdk-amd64/"
export CLASSPATH="/usr/share/gdb/auto-load/usr/lib/jvm/java-19-openjdk-amd64/jre/lib/:/opt/OpenIMSCore/FHoSS/deploy/lib/:/opt/OpenIMSCore/FHoSS/deploy/webapps/ROOT/WEB-INF/lib/:/opt/OpenIMSCore/FHoSS/deploy/webapps/hss.web.console/WEB-INF/lib/"
echo "Building Classpath"
CLASSPATH=$CLASSPATH:log4j.properties:.
for i in lib/*.jar; do CLASSPATH="$i":"$CLASSPATH"; done
echo "Classpath is $CLASSPATH."

# --------------------------------------------------------------
# Start-up
# --------------------------------------------------------------

$JAVA_HOME/bin/java -cp $CLASSPATH de.fhg.fokus.hss.main.HSSContainer $1 $2 $3 $4 $5 $6 $7 $8 $9

Jalankan hss.sh,

cd /root/
./hss.sh

ERROR

Building Classpath
Classpath is lib/xml-apis.jar:lib/xercesImpl.jar:lib/xerces-2.4.0.jar:lib/xalan- 2.4.0.jar:lib/struts.jar:lib/servlet-api.jar:lib/mysql-connector-java-5.1.49-bin.jar:lib/mx4j-3.0.1.jar:lib/log4j.jar:lib/junit.jar:lib/junitee.jar:lib/jta.jar:lib/jsp-api.jar:lib/jdp.jar:lib/hibernate3.jar:lib/ehcache-1.1.jar:lib/dom4j-1.6.1.jar:lib/commons-validator.jar:lib/commons-logging.jar:lib/commons-logging-1.0.4.jar:lib/commons-lang.jar:lib/commons-fileupload.jar:lib/commons-digester.jar:lib/commons-collections-3.1.jar:lib/commons-beanutils.jar:lib/cglib-2.1.3.jar:lib/catalina-optional.jar:lib/catalina.jar:lib/c3p0-0.9.1.jar:lib/base64.jar:lib/asm.jar:lib/asm-attrs.jar:lib/antlr-2.7.6.jar:/usr/share/gdb/auto-load/usr/lib/jvm/java-19-openjdk-amd64/jre/lib/:log4j.properties:..
Error: Could not find or load main class de.fhg.fokus.hss.main.HSSContainer
Caused by: java.lang.ClassNotFoundException: de.fhg.fokus.hss.main.HSSContainer

The script should be run from the deploy/ directory.

~/openimscore-hss/FHoSS/deploy$ JAVA_HOME=/usr/lib/jvm/java-7-openjdk-amd64 ./startup.sh


Padahal ada

/opt/OpenIMSCore/FHoSS/bin/de/fhg/fokus/hss/main/HSSContainer.class
/opt/OpenIMSCore/FHoSS/deploy/webapps/hss.web.console/WEB-INF/classes/de/fhg/fokus/hss/main/HSSContainer.class
/opt/OpenIMSCore/FHoSS/src/de/fhg/fokus/hss/main/HSSContainer.java


Access HSS Web

http://<IMS_VM_FLOATING_IP>:8080/hss.web.console/
http://172.24.15.30:8080/hss.web.console/
http://192.168.0.5:8080/hss.web.console/
user:      hssAdmin
password:  hss

Edit /etc/hosts masukan contoh:

cat /etc/hosts
127.0.0.1    localhost
127.0.0.1    epc-ims

Add IMS subscription use in FoHSS as follows from the Web GUI

Assuming IMSI of the user as 001010123456791 and MSISDN is 0198765432100

Login to the HSS web console.
Navigate to the User Identities page
Create the IMSU 
Click IMS Subscription / Create
Enter:
Name = 001010123456791
Capabilities Set = cap_set1
Preferred S-CSCF = scsf1
Click Save
Create the IMPI and Associate the IMPI to the IMSU
Click Create & Bind new IMPI
Enter:
Identity = 001010123456791@ims.mnc070.mcc999.3gppnetwork.org
Secret Key = 8baf473f2f8fd09487cccbd7097c6862 (Ki value as in Open5GS HSS database)
Authentication Schemes - All
Default = Digest-AKAv1-MD5
AMF = 8000 (As in Open5GS HSS database)
OP = 11111111111111111111111111111111 (As in Open5GS HSS database)
SQN = 000000021090 (SQN value as in Open5GS HSS database)
Click Save
Create and Associate IMPI to IMPU
Click Create & Bind new IMPU
Enter:
Identity = sip:001010123456791@ims.mnc070.mcc999.3gppnetwork.org
Barring = Yes
Service Profile = default_sp
Charging-Info Set = default_charging_set
IMPU Type = Public_User_Identity
Click Save
Add Visited Network to IMPU
Enter:
Visited Network = ims.mnc070.mcc999.3gppnetwork.org
Click Add

Now, goto Public User Identity and create further IMPUs as following

1. tel:0198765432100

Public User Identity -IMPU-
Identity = tel:0198765432100
Service Profile = default_sp
Charging-Info Set = default_charging_set
Can Register = Yes
IMPU Type = Public_User_Identity
Click Save

Add Visited Network to IMPU

Enter:
Visited Network = ims.mnc070.mcc999.3gppnetwork.org
Click Add

Associate IMPI(s) to IMPU

IMPI Identity = 001010123456791@ims.mnc070.mcc999.3gppnetwork.org
Click Add

2. sip:0198765432100@ims.mnc070.mcc999.3gppnetwork.org

Public User Identity -IMPU-
Identity = sip:0198765432100@ims.mnc070.mcc999.3gppnetwork.org
Service Profile = default_sp
Charging-Info Set = default_charging_set
Can Register = Yes
IMPU Type = Public_User_Identity
Click Save

Add Visited Network to IMPU

Enter:
Visited Network = ims.mnc070.mcc999.3gppnetwork.org
Click Add

Associate IMPI(s) to IMPU

IMPI Identity = 001010123456791@ims.mnc070.mcc999.3gppnetwork.org
Click Add

And, finally add these IMPUs as implicit set of IMSI derived IMPU in HSS i.e sip:001010123456791@ims.mnc070.mcc999.3gppnetwork.org as follows:

1. Goto to IMPU sip:001010123456791@ims.mnc070.mcc999.3gppnetwork.org
2. In "Add IMPU(s) to Implicit-Set" section give IMPU Identity created above to be added to this IMPU

APN setting

Buang semua APN setting sebelumnya. Buat APN sebagai berikut,

  • Create internet APN, APN name: internet, APN type: default –> Save APN
  • Create ims APN, APN name: ims, APN type: ims –> Save APN

eNB setting

Yang perlu di set di eNB:

  • Support QoS
  • Support Dedicated radio bearer creation
  • Pastikan konfigurasi DRB untuk QCI dari APN (QCI 5 untuk ims)

Pada mesin eNB tambahkan routiung statik berikut (karena internal IP of the VM akan di advertised S1AP messages dan UE tidak akan mencapai core di Uplink)

ip r add 10.45.0.1/32 via 192.168.0.5
ip r add 10.45.0.1/32 via 172.24.15.30

USIM and UE settings

Pastikan SQN check disable di Sysmocom SIM card menggunakan sysmo-usim-tool tool

https://github.com/herlesupreeth/sysmo-usim-tool

Test menggunakan OnePlus 5 menggunakan methoda berikut, (Official Google method lebih di rekomendasikan agar handphone tidak rusak)

Test voice call

user1

  • IMSI 001010123456791
  • MSISDN 0198765432100

user2

  • IMSI 001010123456792
  • MSISDN 0298765432100

Coba call user1 dan user2

Untuk Debugging

Debug menggunakan wireshark pada Open5GS machine dan menggunakan wireshark display filter

s1ap || gtpv2 || pfcp || diameter || diameter.3gpp || sip

Juga,

Debugging Diameter messages antara PCRF dan P-CSCF di Wireshark jika TCP/SCTP port bukan 3868

Open Wireshark –> Preferences –> Protocols –> Diameter –> Ubah ke port yang digunakan

Referensi


Pranala Menarik