-
Notifications
You must be signed in to change notification settings - Fork 0
Intel Nuc Setup
Start by cloning this repo to the Intel Nuc that you will be running everything from, In our testing we ran the 5G tests from the 5G Core Nuc and the FS Nuc for the Wi-Fi Tests.
We need to set up the 5G core according to the steps described in the Quickstart section of the Open5gs documentation located here: Open5gs Quickstart
We used Ubuntu 22.04 for the OS, so the instructions listed here are for Ubuntu systems.
-
Install MongoDB
$ sudo apt update $ sudo apt install gnupg $ curl -fsSL https://pgp.mongodb.com/server-6.0.asc | sudo gpg -o /usr/share/keyrings/mongodb-server-6.0.gpg --dearmorThen you will need to create the list file /etc/apt/sources.list.d/mongodb-org-6.0.list for your version of Ubuntu.
$ sudo apt update $ sudo apt install -y mongodb-org $ sudo systemctl start mongod (if '/usr/bin/mongod' is not running) $ sudo systemctl enable mongod (ensure to automatically start it on system boot) -
Install Open5gs
$ sudo add-apt-repository ppa:open5gs/latest $ sudo apt update $ sudo apt install open5gs -
Install the Web UI of Open5gs
-
download the required dependencies of the Web UI
# Download and import the Nodesource GPG key $ sudo apt update $ sudo apt install -y ca-certificates curl gnupg $ sudo mkdir -p /etc/apt/keyrings $ curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | sudo gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg # Create deb repository $ NODE_MAJOR=20 $ echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_$NODE_MAJOR.x nodistro main" | sudo tee /etc/apt/sources.list.d/nodesource.list # Run Update and Install $ sudo apt update $ sudo apt install nodejs -y -
Install the Web UI
$ curl -fsSL https://open5gs.org/open5gs/assets/webui/install | sudo -E bash -
-
-
Config Open5gs Core
We were only using the 5g components, so we skipped over the 4g part of the setup.
-
Modify the config file for the AMF located at /etc/open5gs/amf.yaml to set the NGAP IP address to this Machine's IP address and add two security protocols to the mix
ngap: - - addr: 127.0.0.5 + - addr: (YOUR IP HERE) security: - integrity_order : [ NIA2, NIA1, NIA0 ] - ciphering_order : [ NEA0, NEA1, NEA2 ] + integrity_order : [ NIA3, NIA2, NIA1, NIA0 ] + ciphering_order : [ NEA0, NEA1, NEA2, NEA3 ] -
Modify the config file for the UPF located at /etc/open5gs/upf.yaml to set the GTP-U IP address to this Machine's IP address
gtpu: - - addr: 127.0.0.7 + - addr: (YOUR IP HERE) -
Restart these components using the following code
$ sudo systemctl restart open5gs-amfd $ sudo systemctl restart open5gs-upfd
-
-
Register Each UE on the Core
-
connect to http://localhost:3000 and login with admin account.
-
Login credentials are:
Username: admin
Password: 1423 -
To add a subscriber (UE), do the following Web UI operations:
- Go to
SubscriberMenu. - Click
+Button to add a new subscriber. - Fill the IMSI, security context (K, OPc, AMF), and APN of the subscriber. (located in the UE config file)
- Click
SAVEButton
- Go to
-
If you need access outside the network or wan add the iptables rules below
To enable forwarding at these NAT rules:
### Enable IPv4/IPv6 Forwarding $ sudo sysctl -w net.ipv4.ip_forward=1 $ sudo sysctl -w net.ipv6.conf.all.forwarding=1 ### Add NAT Rule $ sudo iptables -t nat -A POSTROUTING -s 10.45.0.0/16 ! -o ogstun -j MASQUERADE $ sudo ip6tables -t nat -A POSTROUTING -s 2001:db8:cafe::/48 ! -o ogstun -j MASQUERADE -
Configure the firewall, Ubuntu by default has rules to block traffic.
$ sudo ufw status Status: active $ sudo ufw disable Firewall stopped and disabled on system startup $ sudo ufw status Status: inactive -
Lastly run these commands to save the iptables rules we just added
sudo apt-get install iptables-persistent sudo /sbin/iptables-save > /etc/iptables/rules.v4 sudo /sbin/ip6tables-save > /etc/iptables/rules.v6 -
Setup tcpdump
Run the following commands:
$ sudo groupadd pcap $ sudo usermod -a -G pcap ubuntu $ sudo chgrp pcap /usr/bin/tcpdump $ sudo chmod 777 /usr/bin/tcpdump $ sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/tcpdump -
Optionally, you may consider the settings below for security purposes.
### Ensure that the packets in the `INPUT` chain to the `ogstun` interface are accepted $ sudo iptables -I INPUT -i ogstun -j ACCEPT ### Prevent UE's from connecting to the host on which UPF is running $ sudo iptables -I INPUT -s 10.45.0.0/16 -j DROP $ sudo ip6tables -I INPUT -s 2001:db8:cafe::/48 -j DROP ### If your core network runs over multiple hosts, you probably want to block ### UE originating traffic from accessing other network functions. ### Replace x.x.x.x/y with the VNFs IP/subnet $ sudo iptables -I FORWARD -s 10.45.0.0/16 -d x.x.x.x/y -j DROP
-
-
Starting and Stopping Open5gs core
-
Manually you can enter the commands below to start or stop each component.
$ sudo systemctl stop open5gs-mmed $ sudo systemctl stop open5gs-sgwcd $ sudo systemctl stop open5gs-smfd $ sudo systemctl stop open5gs-amfd $ sudo systemctl stop open5gs-sgwud $ sudo systemctl stop open5gs-upfd $ sudo systemctl stop open5gs-hssd $ sudo systemctl stop open5gs-pcrfd $ sudo systemctl stop open5gs-nrfd $ sudo systemctl stop open5gs-scpd $ sudo systemctl stop open5gs-ausfd $ sudo systemctl stop open5gs-udmd $ sudo systemctl stop open5gs-pcfd $ sudo systemctl stop open5gs-nssfd $ sudo systemctl stop open5gs-bsfd $ sudo systemctl stop open5gs-udrd $ sudo systemctl stop open5gs-webui$ sudo systemctl restart open5gs-mmed $ sudo systemctl restart open5gs-sgwcd $ sudo systemctl restart open5gs-smfd $ sudo systemctl restart open5gs-amfd $ sudo systemctl restart open5gs-sgwud $ sudo systemctl restart open5gs-upfd $ sudo systemctl restart open5gs-hssd $ sudo systemctl restart open5gs-pcrfd $ sudo systemctl restart open5gs-nrfd $ sudo systemctl restart open5gs-scpd $ sudo systemctl restart open5gs-ausfd $ sudo systemctl restart open5gs-udmd $ sudo systemctl restart open5gs-pcfd $ sudo systemctl restart open5gs-nssfd $ sudo systemctl restart open5gs-bsfd $ sudo systemctl restart open5gs-udrd $ sudo systemctl restart open5gs-webui -
You can also run the script /home/ubuntu/scripts/core_stop.sh to stop all components or /home/ubuntu/scripts/core_start.sh to start/restart all components.
-
-
If you need to uninstall the Open5gs core or Web UI run the following commands.
-
Open5gs Core
$ sudo apt purge open5gs $ sudo apt autoremove $ sudo rm -Rf /var/log/open5gs -
Web UI
curl -fsSL https://open5gs.org/open5gs/assets/webui/uninstall | sudo -E bash -
-
We used Ubuntu 22.04 for the gNB machine so the instructions for installing the gNB are specific to that OS
-
Clone UERANSIM repo
cd ~ git clone https://github.com/aligungr/UERANSIM -
Install Dependencies
-
Run the following commands to make sure that you get all the dependencies and the correct versions installed
sudo apt update sudo apt upgrade sudo apt install make sudo apt install gcc sudo apt install g++ sudo apt install libsctp-dev lksctp-tools sudo apt install iproute2 sudo snap install cmake --classicNote: It is critical that you run the last command exactly as shown since other installers install a different version by default, the other workaround this issue is to build cmake directly from sources.
-
-
Building UERANSIM
Building is very simple just run the following commands
cd ~/UERANSIM make -
Configure gNB Edit the file located /home/ubuntu/UERANSIM/config/open5gs-gnb.yaml and change the IP addresses as shown:
linkIp: (MACHINE'S IP HERE) # gNB's local IP address for Radio Link Simulation (Usually same with local IP) ngapIp: (MACHINE'S IP HERE) # gNB's local IP address for N2 Interface (Usually same with local IP) gtpIp: (MACHINE'S IP HERE) # gNB's local IP address for N3 Interface (Usually same with local IP) # List of AMF address information amfConfigs: - address: (AMF IP HERE) -
You will also need to copy the file located at home/ubuntu/UERANSIM/config/open5gs-ue.yaml 15 times to home/ubuntu/scripts/script_config/
- rename the files adding a 0-15 to the end of the file
- edit each file at lines 65-67 and 71-73 until you have each possible combination of IA and EA settings
-
Start the gNB component
Once you have changed the configuration file you can start the component by running the following command:
/home/ubuntu/UERANSIM/build/nr-gnb -c /home/ubuntu/UERANSIM/config/open5gs-gnb.yamlNote: You want to open a new tab when you run this command so you can monitor the output of the gnb as you are running the tests
-
Troubleshooting tool
The gNB has a built-in tool for monitoring and troubleshooting while the system is up.
We provide nr-cli tool for both gNB and UEs.
NOTE: UE and gNB have different CLI commands. For example, in gNB you can check the AMF connection status, or in UE you can trigger de-registration. More details are explained in the present document.
Usage:
nr-cli <node-name>Here you need to replace <node-name> with a UE or gNB name. For example:
nr-cli imsi-001010000000001You can query the current UE and gNBs in the environment using:
$ nr-cli --dumpAfter running nr-cli <node-name> command, an interactive shell will be open if given node is present and running in the environment. You can now execute further commands for this node.
To see available commands, use commands.
For Example:
user@pc:~/UERANSIM/build$ ./nr-cli UERANSIM-gnb-001-01-1 -------------------------------------------------------------------------------------------- $ commands amf-info | Show some status information about the given AMF amf-list | List all AMFs associated with the gNB info | Show some information about the gNB status | Show some status information about the gNB ue-count | Print the total number of UEs connected the this gNB ue-list | List all UEs associated with the gNB --------------------------------------------------------------------------------------------You can further investigate usage and help information for sub-commands.
For example:
$ amf-info --help $ ue-list --versionetc.
You can also use -e/--exec option if you want to directly execute the command instead of using the interactive shell.
For example:
nr-cli imsi-001010000000001 --exec "status"For more details, run nr-cli --helpSetup the Intel Nuc'sStart by cloning this repo to the Intel Nuc that you will be running everything from, In our testing we ran the 5G tests from the 5G Core Nuc and the FS Nuc for the Wi-Fi Tests.For the 5G Core NucWe need to set up the 5G core according to the steps described in the Quickstart section of the Open5gs documentation located here: Open5gs QuickstartInstall Open5gs with a Package ManagerWe used Ubuntu 22.04 for the OS, so the instructions listed here are for Ubuntu systems.Install MongoDB$ sudo apt update $ sudo apt install gnupg $ curl -fsSL https://pgp.mongodb.com/server-6.0.asc | sudo gpg -o /usr/share/keyrings/mongodb-server-6.0.gpg --dearmorThen you will need to create the list file /etc/apt/sources.list.d/mongodb-org-6.0.list for your version of Ubuntu.$ sudo apt update $ sudo apt install -y mongodb-org $ sudo systemctl start mongod (if '/usr/bin/mongod' is not running) $ sudo systemctl enable mongod (ensure to automatically start it on system boot)Install Open5gs$ sudo add-apt-repository ppa:open5gs/latest $ sudo apt update $ sudo apt install open5gsInstall the Web UI of Open5gsdownload the required dependencies of the Web UI # Download and import the Nodesource GPG key $ sudo apt update $ sudo apt install -y ca-certificates curl gnupg $ sudo mkdir -p /etc/apt/keyrings $ curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | sudo gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg
$ NODE_MAJOR=20 $ echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_$NODE_MAJOR.x nodistro main" | sudo tee /etc/apt/sources.list.d/nodesource.list
$ sudo apt update $ sudo apt install nodejs -yInstall the Web UI$ curl -fsSL https://open5gs.org/open5gs/assets/webui/install | sudo -E bash -Config Open5gs CoreWe were only using the 5g components, so we skipped over the 4g part of the setup.Modify the config file for the AMF located at /etc/open5gs/amf.yaml to set the NGAP IP address to this Machine's IP address and add two security protocols to the mix ngap:
-
- addr: 127.0.0.5
-
security:
- addr: (YOUR IP HERE)
-
integrity_order : [ NIA2, NIA1, NIA0 ] -
ciphering_order : [ NEA0, NEA1, NEA2 ]
-
integrity_order : [ NIA3, NIA2, NIA1, NIA0 ] -
ciphering_order : [ NEA0, NEA1, NEA2, NEA3 ]Modify the config file for the UPF located at /etc/open5gs/upf.yaml to set the GTP-U IP address to this Machine's IP address gtpu:
-
- addr: 127.0.0.7
-
- addr: (YOUR IP HERE)Restart these components using the following code$ sudo systemctl restart open5gs-amfd
$ sudo systemctl restart open5gs-upfdRegister Each UE on the Coreconnect to http://localhost:3000/ and login with admin account.Login credentials are:Username: adminPassword: 1423To add a subscriber (UE), do the following Web UI operations:Go to Subscriber Menu.Click + Button to add a new subscriber.Fill the IMSI, security context (K, OPc, AMF), and APN of the subscriber. (located in the UE config file)Click SAVE ButtonIf you need access outside the network or wan add the iptables rules belowTo enable forwarding at these NAT rules:### Enable IPv4/IPv6 Forwarding $ sudo sysctl -w net.ipv4.ip_forward=1 $ sudo sysctl -w net.ipv6.conf.all.forwarding=1
$ sudo iptables -t nat -A POSTROUTING -s 10.45.0.0/16 ! -o ogstun -j MASQUERADE
$ sudo ip6tables -t nat -A POSTROUTING -s 2001:db8:cafe::/48 ! -o ogstun -j MASQUERADEConfigure the firewall, Ubuntu by default has rules to block traffic.$ sudo ufw status
Status: active
$ sudo ufw disable
Firewall stopped and disabled on system startup
$ sudo ufw status
Status: inactiveLastly run these commands to save the iptables rules we just addedsudo apt-get install iptables-persistent
sudo /sbin/iptables-save > /etc/iptables/rules.v4
sudo /sbin/ip6tables-save > /etc/iptables/rules.v6Setup tcpdumpRun the following commands:$ sudo groupadd pcap
$ sudo usermod -a -G pcap ubuntu
$ sudo chgrp pcap /usr/bin/tcpdump
$ sudo chmod 777 /usr/bin/tcpdump
$ sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/tcpdumpOptionally, you may consider the settings below for security purposes.### Ensure that the packets in the INPUT chain to the ogstun interface are accepted
$ sudo iptables -I INPUT -i ogstun -j ACCEPT
$ sudo iptables -I INPUT -s 10.45.0.0/16 -j DROP $ sudo ip6tables -I INPUT -s 2001:db8:cafe::/48 -j DROP
$ sudo iptables -I FORWARD -s 10.45.0.0/16 -d x.x.x.x/y -j DROPStarting and Stopping Open5gs coreManually you can enter the commands below to start or stop each component.$ sudo systemctl stop open5gs-mmed $ sudo systemctl stop open5gs-sgwcd $ sudo systemctl stop open5gs-smfd $ sudo systemctl stop open5gs-amfd $ sudo systemctl stop open5gs-sgwud $ sudo systemctl stop open5gs-upfd $ sudo systemctl stop open5gs-hssd $ sudo systemctl stop open5gs-pcrfd $ sudo systemctl stop open5gs-nrfd $ sudo systemctl stop open5gs-scpd $ sudo systemctl stop open5gs-ausfd $ sudo systemctl stop open5gs-udmd $ sudo systemctl stop open5gs-pcfd $ sudo systemctl stop open5gs-nssfd $ sudo systemctl stop open5gs-bsfd $ sudo systemctl stop open5gs-udrd $ sudo systemctl stop open5gs-webui$ sudo systemctl restart open5gs-mmed $ sudo systemctl restart open5gs-sgwcd $ sudo systemctl restart open5gs-smfd $ sudo systemctl restart open5gs-amfd $ sudo systemctl restart open5gs-sgwud $ sudo systemctl restart open5gs-upfd $ sudo systemctl restart open5gs-hssd $ sudo systemctl restart open5gs-pcrfd $ sudo systemctl restart open5gs-nrfd $ sudo systemctl restart open5gs-scpd $ sudo systemctl restart open5gs-ausfd $ sudo systemctl restart open5gs-udmd $ sudo systemctl restart open5gs-pcfd $ sudo systemctl restart open5gs-nssfd $ sudo systemctl restart open5gs-bsfd $ sudo systemctl restart open5gs-udrd $ sudo systemctl restart open5gs-webuiYou can also run the script /home/ubuntu/scripts/core_stop.sh to stop all components or /home/ubuntu/scripts/core_start.sh to start/restart all components.If you need to uninstall the Open5gs core or Web UI run the following commands.Open5gs Core$ sudo apt purge open5gs $ sudo apt autoremove $ sudo rm -Rf /var/log/open5gsWeb UIcurl -fsSL https://open5gs.org/open5gs/assets/webui/uninstall | sudo -E bash -For the gNB NucInstall gNBWe used Ubuntu 22.04 for the gNB machine so the instructions for installing the gNB are specific to that OSClone UERANSIM repocd ~ git clone https://github.com/aligungr/UERANSIMInstall DependenciesRun the following commands to make sure that you get all the dependencies and the correct versions installedsudo apt update sudo apt upgrade sudo apt install make sudo apt install gcc sudo apt install g++ sudo apt install libsctp-dev lksctp-tools sudo apt install iproute2 sudo snap install cmake --classicNote: It is critical that you run the last command exactly as shown since other installers install a different version by default, the other workaround this issue is to build cmake directly from sources.Building UERANSIMBuilding is very simple just run the following commandscd ~/UERANSIM makeConfigure gNB Edit the file located /home/ubuntu/UERANSIM/config/open5gs-gnb.yaml and change the IP addresses as shown:linkIp: (MACHINE'S IP HERE) # gNB's local IP address for Radio Link Simulation (Usually same with local IP) ngapIp: (MACHINE'S IP HERE) # gNB's local IP address for N2 Interface (Usually same with local IP) gtpIp: (MACHINE'S IP HERE) # gNB's local IP address for N3 Interface (Usually same with local IP)
amfConfigs:
- address: (AMF IP HERE)You will also need to copy the file located at home/ubuntu/UERANSIM/config/open5gs-ue.yaml 15 times to home/ubuntu/scripts/script_config/rename the files adding a 0-15 to the end of the fileedit each file at lines 65-67 and 71-73 until you have each possible combination of IA and EA settingsStart the gNB componentOnce you have changed the configuration file you can start the component by running the following command:/home/ubuntu/UERANSIM/build/nr-gnb -c /home/ubuntu/UERANSIM/config/open5gs-gnb.yamlNote: You want to open a new tab when you run this command so you can monitor the output of the gnb as you are running the testsTroubleshooting toolThe gNB has a built-in tool for monitoring and troubleshooting while the system is up.We provide nr-cli tool for both gNB and UEs.NOTE: UE and gNB have different CLI commands. For example, in gNB you can check the AMF connection status, or in UE you can trigger de-registration. More details are explained in the present document.Usage:nr-cli Here you need to replace with a UE or gNB name. For example:nr-cli imsi-001010000000001You can query the current UE and gNBs in the environment using:$ nr-cli --dumpAfter running nr-cli command, an interactive shell will be open if given node is present and running in the environment. You can now execute further commands for this node.To see available commands, use commands.For Example:user@pc:~/UERANSIM/build$ ./nr-cli UERANSIM-gnb-001-01-1
$ commands amf-info | Show some status information about the given AMF amf-list | List all AMFs associated with the gNB info | Show some information about the gNB status | Show some status information about the gNB ue-count | Print the total number of UEs connected the this gNB ue-list | List all UEs associated with the gNB --------------------------------------------------------------------------------------------You can further investigate usage and help information for sub-commands.For example:$ amf-info --help $ ue-list --versionetc.You can also use -e/--exec option if you want to directly execute the command instead of using the interactive shell.For example:nr-cli imsi-001010000000001 --exec "status"For more details, run nr-cli --help