Difference between revisions of "Open5gs: Konfigurasi Awal MCC 999 MNC 70 dengan Open5GS dan IMS satu mesin/VM"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
| Line 30: | Line 30: | ||
Untuk membuat TUN device dengan nama interface ogstun, caranya adalah sebagai berikut, | Untuk membuat TUN device dengan nama interface ogstun, caranya adalah sebagai berikut, | ||
| − | + | ip tuntap add name ogstun mode tun | |
| − | + | ip addr add 10.45.0.1/16 dev ogstun | |
| − | + | ip addr add 2001:db8:cafe::1/48 dev ogstun | |
| − | + | ip link set ogstun mtu 1400 | |
| + | ip link set ogstun up | ||
| + | |||
Tip: script ini tersedia di $GIT_REPO/misc/netconf.sh yang akan memudahkan kita dapat mengkonfigurasi TUN device: | Tip: script ini tersedia di $GIT_REPO/misc/netconf.sh yang akan memudahkan kita dapat mengkonfigurasi TUN device: | ||
| Line 83: | Line 85: | ||
### Ensure that the packets in the `INPUT` chain to the `ogstun` interface are accepted | ### Ensure that the packets in the `INPUT` chain to the `ogstun` interface are accepted | ||
| − | + | sudo iptables -I INPUT -i ogstun -j ACCEPT | |
### Prevent UE's from connecting to the host on which UPF is running | ### Prevent UE's from connecting to the host on which UPF is running | ||
| − | + | sudo iptables -I INPUT -s 10.45.0.0/16 -j DROP | |
| − | + | sudo ip6tables -I INPUT -s 2001:db8:cafe::/48 -j DROP | |
### If your core network runs over multiple hosts, you probably want to block | ### If your core network runs over multiple hosts, you probably want to block | ||
### UE originating traffic from accessing other network functions. | ### UE originating traffic from accessing other network functions. | ||
### Replace x.x.x.x/y with the VNFs IP/subnet | ### Replace x.x.x.x/y with the VNFs IP/subnet | ||
| − | + | sudo iptables -I FORWARD -s 10.45.0.0/16 -d x.x.x.x/y -j DROP | |
| + | ==Konfigurasi dua interface TUN ogstun dan ogstun2== | ||
| + | |||
| + | Jika dibutuhkan dua Interface, dapat menggunakan script di bawah ini: | ||
| + | |||
| + | #!/bin/bash | ||
| + | |||
| + | sudo sysctl -w net.ipv4.ip_forward=1 | ||
| + | sudo sysctl -w net.ipv6.conf.all.forwarding=1 | ||
| + | |||
| + | ip tuntap add name ogstun mode tun | ||
| + | ip addr add 10.45.0.1/16 dev ogstun | ||
| + | ip addr add 2001:db8:cafe::1/48 dev ogstun | ||
| + | ip link set ogstun mtu 1400 | ||
| + | ip link set ogstun up | ||
| + | iptables -t nat -A POSTROUTING -s 10.45.0.0/16 ! -o ogstun -j MASQUERADE | ||
| + | ip6tables -t nat -A POSTROUTING -s 2001:db8:cafe::/48 ! -o ogstun -j MASQUERADE | ||
| + | iptables -I INPUT -i ogstun -j ACCEPT | ||
| + | ip6tables -I INPUT -i ogstun -j ACCEPT | ||
| + | |||
| + | ip tuntap add name ogstun2 mode tun | ||
| + | ip addr add 10.123.0.1/16 dev ogstun2 | ||
| + | ip addr add 2001:db8:babe::1/48 dev ogstun2 | ||
| + | ip link set ogstun2 mtu 1400 | ||
| + | ip link set ogstun2 up | ||
| + | iptables -t nat -A POSTROUTING -s 10.123.0.0/16 ! -o ogstun2 -j MASQUERADE | ||
| + | ip6tables -t nat -A POSTROUTING -s 2001:db8:babe::/48 ! -o ogstun2 -j MASQUERADE | ||
| + | iptables -I INPUT -i ogstun2 -j ACCEPT | ||
| + | ip6tables -I INPUT -i ogstun2 -j ACCEPT | ||
Revision as of 08:02, 12 August 2023
Sumber: https://github.com/herlesupreeth/Open5gs_Config
Asumsi Konfigurasi
- OS Ubuntu 22.04
- Open5GS & IMS satu mesin
- Satu Interface enp0s3
- IP Statik enp0s3 192.168.0.5/24 gateway 192.168.0.222
- IP Statik ogstun 10.45.0.1/16 & 2001:db8:cafe::1/48
- Domain mnc070.mcc999.3gppnetwork.org
- APN internet
- MCC 999 MNC 70
Yang Perlu di Set
- OpenStack VM dengan root user dengan single interface (enp0s3)
- Modifikasi sesuai kebutuhan
- Modifikasi lokasi modul,
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dbg_msg_dumps.fdx .....
- APN name
- UE pool IP address
- P-CSCF address
- Network interface name enp0s3
Setup TUN device (not persistent)
Jika dibutuhkan kita dapat menset interface ogstun, tampaknya ini tidak dibutuhkan jika kita menginstall open5gs dari binary.
Untuk membuat TUN device dengan nama interface ogstun, caranya adalah sebagai berikut,
ip tuntap add name ogstun mode tun ip addr add 10.45.0.1/16 dev ogstun ip addr add 2001:db8:cafe::1/48 dev ogstun ip link set ogstun mtu 1400 ip link set ogstun up
Tip: script ini tersedia di $GIT_REPO/misc/netconf.sh yang akan memudahkan kita dapat mengkonfigurasi TUN device:
sudo ./misc/netconf.sh
Tambahkan Route Untuk UE ke WAN / Internet
Agar ada bridge antara PGWU/UPF dan WAN (Internet), kita perlu meng-enable IP forwarding dan NAT rule di IP Tables.
Untuk mengaktifkan forwarding dan NAT rule, ketik,
### Enable IPv4/IPv6 Forwarding sudo sysctl -w net.ipv4.ip_forward=1 sudo sysctl -w net.ipv6.conf.all.forwarding=1
### Add NAT Rule sudo iptables -t nat -A POSTROUTING -s 10.45.0.0/16 ! -o ogstun -j MASQUERADE sudo ip6tables -t nat -A POSTROUTING -s 2001:db8:cafe::/48 ! -o ogstun -j MASQUERADE
Cek menggunakan perintah,
iptables -L -t nat
Hasilnya harusnya NAT beroperasi seperti dibawah ini,
Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- 10.45.0.0/16 anywhere
Konfigurasi firewall dengan benar dan pastikan status ufw inactive.
sudo ufw status
Status: active
Jika dibutuhkan, firewall dapat dimatikan menggunakan perintah berikut, dan disable waktu start up,
sudo ufw disable
Matikan firewall dan disable pada system startup
$ sudo ufw status
Status: inactive
Optional, jika dibutuhkan, kita dapat melakukan konfigurasi berikut,
### Ensure that the packets in the `INPUT` chain to the `ogstun` interface are accepted sudo iptables -I INPUT -i ogstun -j ACCEPT
### Prevent UE's from connecting to the host on which UPF is running sudo iptables -I INPUT -s 10.45.0.0/16 -j DROP sudo ip6tables -I INPUT -s 2001:db8:cafe::/48 -j DROP
### If your core network runs over multiple hosts, you probably want to block ### UE originating traffic from accessing other network functions. ### Replace x.x.x.x/y with the VNFs IP/subnet sudo iptables -I FORWARD -s 10.45.0.0/16 -d x.x.x.x/y -j DROP
Konfigurasi dua interface TUN ogstun dan ogstun2
Jika dibutuhkan dua Interface, dapat menggunakan script di bawah ini:
#!/bin/bash sudo sysctl -w net.ipv4.ip_forward=1 sudo sysctl -w net.ipv6.conf.all.forwarding=1 ip tuntap add name ogstun mode tun ip addr add 10.45.0.1/16 dev ogstun ip addr add 2001:db8:cafe::1/48 dev ogstun ip link set ogstun mtu 1400 ip link set ogstun up iptables -t nat -A POSTROUTING -s 10.45.0.0/16 ! -o ogstun -j MASQUERADE ip6tables -t nat -A POSTROUTING -s 2001:db8:cafe::/48 ! -o ogstun -j MASQUERADE iptables -I INPUT -i ogstun -j ACCEPT ip6tables -I INPUT -i ogstun -j ACCEPT ip tuntap add name ogstun2 mode tun ip addr add 10.123.0.1/16 dev ogstun2 ip addr add 2001:db8:babe::1/48 dev ogstun2 ip link set ogstun2 mtu 1400 ip link set ogstun2 up iptables -t nat -A POSTROUTING -s 10.123.0.0/16 ! -o ogstun2 -j MASQUERADE ip6tables -t nat -A POSTROUTING -s 2001:db8:babe::/48 ! -o ogstun2 -j MASQUERADE iptables -I INPUT -i ogstun2 -j ACCEPT ip6tables -I INPUT -i ogstun2 -j ACCEPT
DEBUGGING: Remove Log
rm /var/log/open5gs/*
amf.yaml
cd /etc/open5gs/ cp /etc/open5gs/amf.yaml /etc/open5gs/amf.yaml.old vi /etc/open5gs/amf.yaml
Isi dengan,
logger:
file: /var/log/open5gs/amf.log
sbi:
server:
no_tls: true
cacert: /etc/open5gs/tls/ca.crt
key: /etc/open5gs/tls/amf.key
cert: /etc/open5gs/tls/amf.crt
client:
no_tls: true
cacert: /etc/open5gs/tls/ca.crt
key: /etc/open5gs/tls/amf.key
cert: /etc/open5gs/tls/amf.crt
parameter:
amf:
sbi:
- addr: 127.0.0.5
port: 7777
ngap:
- addr: 127.0.0.5
guami:
- plmn_id:
mcc: 999
mnc: 70
amf_id:
region: 2
set: 1
tai:
- plmn_id:
mcc: 999
mnc: 70
tac: 1
plmn_support:
- plmn_id:
mcc: 999
mnc: 70
s_nssai:
- sst: 1
security:
integrity_order : [ NIA2, NIA1, NIA0 ]
ciphering_order : [ NEA0, NEA1, NEA2 ]
network_name:
full: Open5GS
amf_name: open5gs-amf0
nrf:
sbi:
- addr:
- 127.0.0.10
- ::1
port: 7777
Test & pastikan tidak ada error,
sudo systemctl stop open5gs-amfd sudo sleep 10 sudo systemctl start open5gs-amfd sudo systemctl status open5gs-amfd
cat /var/log/open5gs/amf.log
ausf.yaml
cd /etc/open5gs/ cp /etc/open5gs/ausf.yaml /etc/open5gs/ausf.yaml.old vi /etc/open5gs/ausf.yaml
Isi dengan,
logger:
file: /var/log/open5gs/ausf.log
sbi:
server:
no_tls: true
cacert: /etc/open5gs/tls/ca.crt
key: /etc/open5gs/tls/ausf.key
cert: /etc/open5gs/tls/ausf.crt
client:
no_tls: true
cacert: /etc/open5gs/tls/ca.crt
key: /etc/open5gs/tls/ausf.key
cert: /etc/open5gs/tls/ausf.crt
parameter:
ausf:
sbi:
- addr: 127.0.0.11
port: 7777
# scp:
# sbi:
# - addr: 127.0.1.10
# port: 7777
nrf:
sbi:
- addr:
- 127.0.0.10
- ::1
port: 7777
Test & pastikan tidak ada error,
sudo systemctl stop open5gs-ausfd sudo sleep 10 sudo systemctl start open5gs-ausfd sudo systemctl status open5gs-ausfd
cat /var/log/open5gs/ausf.log
hss.yaml
cd /etc/open5gs/ cp /etc/open5gs/hss.yaml /etc/open5gs/hss.yaml.old vi /etc/open5gs/hss.yaml
Isi dengan,
db_uri: mongodb://localhost/open5gs
logger:
file: /var/log/open5gs/hss.log
parameter:
hss:
freeDiameter:
identity: hss.epc.mnc070.mcc999.3gppnetwork.org
realm: epc.mnc070.mcc999.3gppnetwork.org
port: 3868
sec_port: 5868
listen_on: 127.0.0.8
load_extension:
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dbg_msg_dumps.fdx
conf: 0x8888
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dict_rfc5777.fdx
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dict_mip6i.fdx
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dict_nasreq.fdx
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dict_nas_mipv6.fdx
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dict_dcca.fdx
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dict_dcca_3gpp.fdx
connect:
- identity: mme.epc.mnc070.mcc999.3gppnetwork.org
addr: 127.0.0.2
port: 3868
Test & pastikan tidak ada error,
sudo systemctl stop open5gs-hssd sudo sleep 10 sudo systemctl start open5gs-hssd sudo systemctl status open5gs-hssd
cat /var/log/open5gs/hss.log
ERROR
08/10 03:20:22.249: [diam] ERROR: pid:PSM/mme.epc.mnc070.mcc999.3gppnetwork.org in md_hook_cb_tree@dbg_msg_dumps.c:116: DROPPED 'Internal error ('mme.epc.mnc070.mcc999.3gppnetwork.org'): unhandled message.'
((null):0)
08/10 03:20:22.249: [diam] ERROR: pid:PSM/mme.epc.mnc070.mcc999.3gppnetwork.org in md_hook_cb_tree@dbg_msg_dumps.c:117: 'Capabilities-Exchange-Answer'
((null):0)
08/10 03:20:22.249: [diam] ERROR: pid:PSM/mme.epc.mnc070.mcc999.3gppnetwork.org in md_hook_cb_tree@dbg_msg_dumps.c:117: Version: 0x01
((null):0)
08/10 03:20:22.249: [diam] ERROR: pid:PSM/mme.epc.mnc070.mcc999.3gppnetwork.org in md_hook_cb_tree@dbg_msg_dumps.c:117: Length: 120
((null):0)
08/10 03:20:22.249: [diam] ERROR: pid:PSM/mme.epc.mnc070.mcc999.3gppnetwork.org in md_hook_cb_tree@dbg_msg_dumps.c:117: Flags: 0x20 (--E-)
((null):0)
08/10 03:20:22.249: [diam] ERROR: pid:PSM/mme.epc.mnc070.mcc999.3gppnetwork.org in md_hook_cb_tree@dbg_msg_dumps.c:117: Command Code: 257
((null):0)
08/10 03:20:22.249: [diam] ERROR: pid:PSM/mme.epc.mnc070.mcc999.3gppnetwork.org in md_hook_cb_tree@dbg_msg_dumps.c:117: ApplicationId: 0
((null):0)
08/10 03:20:22.249: [diam] ERROR: pid:PSM/mme.epc.mnc070.mcc999.3gppnetwork.org in md_hook_cb_tree@dbg_msg_dumps.c:117: Hop-by-Hop Identifier: 0x290B9C10
((null):0)
08/10 03:20:22.249: [diam] ERROR: pid:PSM/mme.epc.mnc070.mcc999.3gppnetwork.org in md_hook_cb_tree@dbg_msg_dumps.c:117: End-to-End Identifier: 0x6FF0C3BB
((null):0)
08/10 03:20:22.249: [diam] ERROR: pid:PSM/mme.epc.mnc070.mcc999.3gppnetwork.org in md_hook_cb_tree@dbg_msg_dumps.c:117: {internal data}: src:mme.epc.mnc070.mcc999.3gppnetwork.org(37) rwb:(nil) rt:2 cb:(nil),(nil)((nil)) qry:0x7fb890000fc0 asso:0 sess:(nil)
((null):0)
08/10 03:20:22.249: [diam] ERROR: pid:PSM/mme.epc.mnc070.mcc999.3gppnetwork.org in md_hook_cb_tree@dbg_msg_dumps.c:117: AVP: 'Result-Code'(268) l=12 f=-M val='DIAMETER_UNKNOWN_PEER' (3010 (0xbc2))
((null):0)
08/10 03:20:22.249: [diam] ERROR: pid:PSM/mme.epc.mnc070.mcc999.3gppnetwork.org in md_hook_cb_tree@dbg_msg_dumps.c:117: AVP: 'Error-Message'(281) l=29 f=-- val="DIAMETER_UNKNOWN_PEER"
((null):0)
08/10 03:20:22.249: [diam] ERROR: pid:PSM/mme.epc.mnc070.mcc999.3gppnetwork.org in md_hook_cb_tree@dbg_msg_dumps.c:117: AVP: 'Origin-Host'(264) l=23 f=-M val="mme.localdomain"
((null):0)
08/10 03:20:22.249: [diam] ERROR: pid:PSM/mme.epc.mnc070.mcc999.3gppnetwork.org in md_hook_cb_tree@dbg_msg_dumps.c:117: AVP: 'Origin-Realm'(296) l=19 f=-M val="localdomain"
((null):0)
08/10 03:20:22.249: [diam] ERROR: pid:PSM/mme.epc.mnc070.mcc999.3gppnetwork.org in md_hook_cb_tree@dbg_msg_dumps.c:117: AVP: 'Origin-State-Id'(278) l=12 f=-M val=1691636431 (0x64d452cf)
((null):0)
mme.yaml
cd /etc/open5gs/ cp /etc/open5gs/mme.yaml /etc/open5gs/mme.yaml.old vi /etc/open5gs/mme.yaml
Isi dengan,
logger:
file: /var/log/open5gs/mme.log
parameter:
mme:
freeDiameter:
identity: mme.epc.mnc070.mcc999.3gppnetwork.org
realm: epc.mnc070.mcc999.3gppnetwork.org
port: 3868
sec_port: 5868
listen_on: 127.0.0.2
load_extension:
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dbg_msg_dumps.fdx
conf: 0x8888
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dict_rfc5777.fdx
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dict_mip6i.fdx
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dict_nasreq.fdx
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dict_nas_mipv6.fdx
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dict_dcca.fdx
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dict_dcca_3gpp.fdx
connect:
- identity: hss.epc.mnc070.mcc999.3gppnetwork.org
addr: 127.0.0.8
port: 3868
s1ap:
dev: enp0s3
gtpc:
dev: enp0s3
gummei:
plmn_id:
mcc: 999
mnc: 70
mme_gid: 2
mme_code: 1
tai:
plmn_id:
mcc: 999
mnc: 70
tac: 1
security:
integrity_order : [ EIA1, EIA2, EIA0 ]
ciphering_order : [ EEA0, EEA1, EEA2 ]
network_name:
full: Open5GS
mme_name: open5gs-mme0
sgwc:
gtpc:
addr: 127.0.0.3
smf:
gtpc:
- addr:
- 127.0.0.4
- ::1
Test & pastikan tidak ada error,
sudo systemctl stop open5gs-mmed sudo sleep 10 sudo systemctl start open5gs-mmed sudo systemctl status open5gs-mmed
cat /var/log/open5gs/mme.log
nrf.yaml
cd /etc/open5gs/ cp /etc/open5gs/nrf.yaml /etc/open5gs/nrf.yaml.old vi /etc/open5gs/nrf.yaml
Isi dengan,
logger:
file: /var/log/open5gs/nrf.log
sbi:
server:
no_tls: true
cacert: /etc/open5gs/tls/ca.crt
key: /etc/open5gs/tls/nrf.key
cert: /etc/open5gs/tls/nrf.crt
client:
no_tls: true
cacert: /etc/open5gs/tls/ca.crt
key: /etc/open5gs/tls/nrf.key
cert: /etc/open5gs/tls/nrf.crt
parameter:
nrf:
sbi:
addr:
- 127.0.0.10
- ::1
port: 7777
# scp:
# sbi:
# - addr: 127.0.1.10
# port: 7777
Test & pastikan tidak ada error,
sudo systemctl stop open5gs-nrfd sudo sleep 10 sudo systemctl start open5gs-nrfd sudo systemctl status open5gs-nrfd
cat /var/log/open5gs/nrf.log
nssf.yaml
cd /etc/open5gs/ cp /etc/open5gs/nssf.yaml /etc/open5gs/nssf.yaml.old vi /etc/open5gs/nssf.yaml
Isi dengan,
logger:
file: /var/log/open5gs/nssf.log
sbi:
server:
no_tls: true
cacert: /etc/open5gs/tls/ca.crt
key: /etc/open5gs/tls/nssf.key
cert: /etc/open5gs/tls/nssf.crt
client:
no_tls: true
cacert: /etc/open5gs/tls/ca.crt
key: /etc/open5gs/tls/nssf.key
cert: /etc/open5gs/tls/nssf.crt
nssf:
sbi:
- addr: 127.0.0.14
port: 7777
nsi:
- addr: ::1
port: 7777
s_nssai:
sst: 1
nrf:
sbi:
- addr:
- 127.0.0.10
- ::1
port: 7777
# scp:
# sbi:
# - addr: 127.0.1.10
# port: 7777
Test & pastikan tidak ada error,
sudo systemctl stop open5gs-nssfd sudo sleep 10 sudo systemctl start open5gs-nssfd sudo systemctl status open5gs-nssfd
cat /var/log/open5gs/nssf.log
pcf.yaml
cd /etc/open5gs/ cp /etc/open5gs/pcf.yaml /etc/open5gs/pcf.yaml.old vi /etc/open5gs/pcf.yaml
Isi dengan,
db_uri: mongodb://localhost/open5gs
logger:
file: /var/log/open5gs/pcf.log
sbi:
server:
no_tls: true
cacert: /etc/open5gs/tls/ca.crt
key: /etc/open5gs/tls/pcf.key
cert: /etc/open5gs/tls/pcf.crt
client:
no_tls: true
cacert: /etc/open5gs/tls/ca.crt
key: /etc/open5gs/tls/pcf.key
cert: /etc/open5gs/tls/pcf.crt
pcf:
sbi:
- addr: 127.0.0.13
port: 7777
# pcf:
# sbi:
# - addr: 127.0.0.13
# port: 7777
# metrics:
# - addr: 127.0.0.13
# port: 9090
nrf:
sbi:
- addr:
- 127.0.0.10
- ::1
port: 7777
# scp:
# sbi:
# - addr: 127.0.1.10
# port: 7777
Test & pastikan tidak ada error,
sudo systemctl stop open5gs-pcfd sudo sleep 10 sudo systemctl start open5gs-pcfd sudo systemctl status open5gs-pcfd
cat /var/log/open5gs/pcf.log
pcrf.yaml
cd /etc/open5gs/ cp /etc/open5gs/pcrf.yaml /etc/open5gs/pcrf.yaml.old vi /etc/open5gs/pcrf.yaml
Isi dengan,
db_uri: mongodb://localhost/open5gs
logger:
file: /var/log/open5gs/pcrf.log
parameter:
# pcrf:
# freeDiameter: /etc/freeDiameter/pcrf.conf
pcrf:
freeDiameter:
identity: pcrf.epc.mnc070.mcc999.3gppnetwork.org
realm: epc.mnc070.mcc999.3gppnetwork.org
port: 3868
sec_port: 5868
listen_on: 127.0.0.9
load_extension:
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dbg_msg_dumps.fdx
conf: 0x8888
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dict_rfc5777.fdx
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dict_mip6i.fdx
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dict_nasreq.fdx
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dict_nas_mipv6.fdx
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dict_dcca.fdx
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dict_dcca_3gpp.fdx
connect:
- identity: smf.epc.mnc070.mcc999.3gppnetwork.org
addr: 127.0.0.4
port: 3868
- identity: pcscf.ims.mnc070.mcc999.3gppnetwork.org
addr: 192.168.0.4
port: 3871
Test & pastikan tidak ada error,
sudo systemctl stop open5gs-pcrfd sudo sleep 10 sudo systemctl start open5gs-pcrfd sudo systemctl status open5gs-pcrfd
cat /var/log/open5gs/pcrf.log
ERROR
08/10 03:29:02.572: [diam] ERROR: pid:PSM/smf.epc.mnc070.mcc999.3gppnetwork.org in md_hook_cb_tree@dbg_msg_dumps.c:117: ApplicationId: 0
((null):0)
08/10 03:29:02.572: [diam] ERROR: pid:PSM/smf.epc.mnc070.mcc999.3gppnetwork.org in md_hook_cb_tree@dbg_msg_dumps.c:117: Hop-by-Hop Identifier: 0x46E89A17
((null):0)
08/10 03:29:02.572: [diam] ERROR: pid:PSM/smf.epc.mnc070.mcc999.3gppnetwork.org in md_hook_cb_tree@dbg_msg_dumps.c:117: End-to-End Identifier: 0x97EA58C1
((null):0)
08/10 03:29:02.572: [diam] ERROR: pid:PSM/smf.epc.mnc070.mcc999.3gppnetwork.org in md_hook_cb_tree@dbg_msg_dumps.c:117: {internal data}: src:smf.epc.mnc070.mcc999.3gppnetwork.org(37) rwb:(nil) rt:2 cb:(nil),(nil)((nil)) qry:0x7f608c001430 asso:0 sess:(nil)
((null):0)
08/10 03:29:02.572: [diam] ERROR: pid:PSM/smf.epc.mnc070.mcc999.3gppnetwork.org in md_hook_cb_tree@dbg_msg_dumps.c:117: AVP: 'Result-Code'(268) l=12 f=-M val='DIAMETER_UNKNOWN_PEER' (3010 (0xbc2))
((null):0)
08/10 03:29:02.572: [diam] ERROR: pid:PSM/smf.epc.mnc070.mcc999.3gppnetwork.org in md_hook_cb_tree@dbg_msg_dumps.c:117: AVP: 'Error-Message'(281) l=29 f=-- val="DIAMETER_UNKNOWN_PEER"
((null):0)
08/10 03:29:02.572: [diam] ERROR: pid:PSM/smf.epc.mnc070.mcc999.3gppnetwork.org in md_hook_cb_tree@dbg_msg_dumps.c:117: AVP: 'Origin-Host'(264) l=23 f=-M val="smf.localdomain"
((null):0)
08/10 03:29:02.572: [diam] ERROR: pid:PSM/smf.epc.mnc070.mcc999.3gppnetwork.org in md_hook_cb_tree@dbg_msg_dumps.c:117: AVP: 'Origin-Realm'(296) l=19 f=-M val="localdomain"
((null):0)
08/10 03:29:02.573: [diam] ERROR: pid:PSM/smf.epc.mnc070.mcc999.3gppnetwork.org in md_hook_cb_tree@dbg_msg_dumps.c:117: AVP: 'Origin-State-Id'(278) l=12 f=-M val=1691636429 (0x64d452cd)
((null):0)
sgwc.yaml
cd /etc/open5gs/ cp /etc/open5gs/sgwc.yaml /etc/open5gs/sgwc.yaml.old vi /etc/open5gs/sgwc.yaml
Isi dengan,
logger:
file: /var/log/open5gs/sgwc.log
parameter:
sgwc:
gtpc:
- addr: 127.0.0.3
pfcp:
- addr: 127.0.0.3
sgwu:
pfcp:
- addr: 127.0.0.6
Test & pastikan tidak ada error,
sudo systemctl stop open5gs-sgwcd sudo sleep 10 sudo systemctl start open5gs-sgwcd sudo systemctl status open5gs-sgwcd
cat /var/log/open5gs/sgwc.log
sgwu.yaml
cd /etc/open5gs/ cp /etc/open5gs/sgwu.yaml /etc/open5gs/sgwu.yaml.old vi /etc/open5gs/sgwu.yaml
Isi dengan,
logger:
file: /var/log/open5gs/sgwu.log
parameter:
sgwu:
gtpu:
dev: enp0s3
pfcp:
- addr: 127.0.0.6
sgwc:
pfcp:
- addr: 127.0.0.3
Test & pastikan tidak ada error,
sudo systemctl stop open5gs-sgwud sudo sleep 10 sudo systemctl start open5gs-sgwud sudo systemctl status open5gs-sgwud
cat /var/log/open5gs/sgwu.log
smf.yaml
cd /etc/open5gs/ cp /etc/open5gs/smf.yaml /etc/open5gs/smf.yaml.old vi /etc/open5gs/smf.yaml
Isi dengan,
logger:
file: /var/log/open5gs/smf.log
sbi:
server:
no_tls: true
cacert: /etc/open5gs/tls/ca.crt
key: /etc/open5gs/tls/smf.key
cert: /etc/open5gs/tls/smf.crt
client:
no_tls: true
cacert: /etc/open5gs/tls/ca.crt
key: /etc/open5gs/tls/smf.key
cert: /etc/open5gs/tls/smf.crt
parameter:
smf:
freeDiameter:
identity: smf.epc.mnc070.mcc999.3gppnetwork.org
realm: epc.mnc070.mcc999.3gppnetwork.org
port: 3868
sec_port: 5868
listen_on: 127.0.0.4
load_extension:
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dbg_msg_dumps.fdx
conf: 0x8888
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dict_rfc5777.fdx
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dict_mip6i.fdx
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dict_nasreq.fdx
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dict_nas_mipv6.fdx
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dict_dcca.fdx
- module: /usr/lib/x86_64-linux-gnu/freeDiameter/dict_dcca_3gpp.fdx
connect:
- identity: pcrf.epc.mnc070.mcc999.3gppnetwork.org
addr: 127.0.0.9
port: 3868
sbi:
- addr: 127.0.0.4
port: 7777
gtpc:
- addr: 127.0.0.4
- addr: ::1
gtpu:
- addr: 127.0.0.4
- addr: ::1
pfcp:
- addr: 127.0.0.4
- addr: ::1
subnet:
- addr: 10.45.0.1/16
apn: internet
dev: ogstun
- addr: 2001:db8:cafe::1/48
dev: ogstun
apn: internet
# - addr: 192.168.101.1/24
# apn: ims
# dev: ogstun2
# - addr: fd1f:76f3:da9b:0101::/48
# apn: ims
# dev: ogstun2
dns:
- 8.8.8.8
- 8.8.4.4
- 2001:4860:4860::8888
- 2001:4860:4860::8844
p-cscf:
- 192.168.0.4
nrf:
sbi:
- addr:
- 127.0.0.10
- ::1
port: 7777
upf:
pfcp:
- addr: 127.0.0.7
Test & pastikan tidak ada error,
sudo systemctl stop open5gs-smfd sudo sleep 10 sudo systemctl start open5gs-smfd sudo systemctl status open5gs-smfd
cat /var/log/open5gs/smf.log
udm.yaml
cd /etc/open5gs/ cp /etc/open5gs/udm.yaml /etc/open5gs/udm.yaml.old vi /etc/open5gs/udm.yaml
Isi dengan,
logger:
file: /var/log/open5gs/udm.log
sbi:
server:
no_tls: true
cacert: /etc/open5gs/tls/ca.crt
key: /etc/open5gs/tls/udm.key
cert: /etc/open5gs/tls/udm.crt
client:
no_tls: true
cacert: /etc/open5gs/tls/ca.crt
key: /etc/open5gs/tls/udm.key
cert: /etc/open5gs/tls/udm.crt
parameter:
# udm:
# hnet:
# - id: 1
# scheme: 1
# key: /etc/open5gs/hnet/curve25519-1.key
# - id: 2
# scheme: 2
# key: /etc/open5gs/hnet/secp256r1-2.key
# - id: 3
# scheme: 1
# key: /etc/open5gs/hnet/curve25519-3.key
# - id: 4
# scheme: 2
# key: /etc/open5gs/hnet/secp256r1-4.key
# - id: 5
# scheme: 1
# key: /etc/open5gs/hnet/curve25519-5.key
# - id: 6
# scheme: 2
# key: /etc/open5gs/hnet/secp256r1-6.key
# sbi:
# - addr: 127.0.0.12
# port: 7777
udm:
sbi:
- addr: 127.0.0.12
port: 7777
# scp:
# sbi:
# - addr: 127.0.1.10
# port: 7777
nrf:
sbi:
- addr:
- 127.0.0.10
- ::1
port: 7777
Test & pastikan tidak ada error,
sudo systemctl stop open5gs-udmd sudo sleep 10 sudo systemctl start open5gs-udmd sudo systemctl status open5gs-udmd
cat /var/log/open5gs/udm.log
udr.yaml
cd /etc/open5gs/ cp /etc/open5gs/udr.yaml /etc/open5gs/udr.yaml.old vi /etc/open5gs/udr.yaml
Isi dengan,
db_uri: mongodb://localhost/open5gs
logger:
file: /var/log/open5gs/udr.log
sbi:
server:
no_tls: true
cacert: /etc/open5gs/tls/ca.crt
key: /etc/open5gs/tls/udr.key
cert: /etc/open5gs/tls/udr.crt
client:
no_tls: true
cacert: /etc/open5gs/tls/ca.crt
key: /etc/open5gs/tls/udr.key
cert: /etc/open5gs/tls/udr.crt
parameter:
udr:
sbi:
- addr: 127.0.0.20
port: 7777
# scp:
# sbi:
# - addr: 127.0.1.10
# port: 7777
nrf:
sbi:
- addr:
- 127.0.0.10
- ::1
port: 7777
Test & pastikan tidak ada error,
sudo systemctl stop open5gs-udrd sudo sleep 10 sudo systemctl start open5gs-udrd sudo systemctl status open5gs-udrd
cat /var/log/open5gs/udr.log
upf.yaml
cd /etc/open5gs/ cp /etc/open5gs/upf.yaml /etc/open5gs/upf.yaml.old vi /etc/open5gs/upf.yaml
Isi dengan,
logger:
file: /var/log/open5gs/upf.log
parameter:
# upf:
# pfcp:
# - addr: 127.0.0.7
# gtpu:
# - addr: 127.0.0.7
# subnet:
# - addr: 10.45.0.1/16
# - addr: 2001:db8:cafe::1/48
# metrics:
# - addr: 127.0.0.7
# port: 9090
upf:
pfcp:
- addr: 127.0.0.7
gtpu:
- addr: 127.0.0.7
subnet:
- addr: 10.45.0.1/24
dev: ogstun
apn: internet
- addr: 2001:db8:cafe::1/48
dev: ogstun
apn: internet
# - addr: 192.168.101.1/24
# apn: ims
# dev: ogstun2
# - addr: fd1f:76f3:da9b:0101::/48
# apn: ims
# dev: ogstun2
smf:
pfcp:
- addr: 127.0.0.4
Test & pastikan tidak ada error,
sudo systemctl stop open5gs-upfd sudo sleep 10 sudo systemctl start open5gs-upfd sudo systemctl status open5gs-upfd
cat /var/log/open5gs/upf.log