No data path rules in PFCP session establishment.

[Twig96]

Hi, I tried setting up a data plane communication by using VPP-UPF and ERGW-PGW nodes.

The PDP context is requested by a sgsnemu node and the PGW deals with Sx Association setup and Sx Session establishment which both succed. However the PDP context response fails with error 199 (No resources available).

By an inspection of the content of the packets sniffed with wireshark it comes up that the Sx session establishment request does not provide rules to the UPF regarding the establishment of a path for the user data, which should do according to specification 29.244, but only the one for the control plane.

Is it a bug or am I missing something?

[RoadRunnr]

That is the same problem as in #197 (sorry for not answering earlier!)

In older version a default permit out ip from any to assigned policy was used. With then introduction of full Gx and Gy support we needed a way to have those policies come from config or from Gx. The solution was to always require a valid policy from Gx and fake a valid answer when Gx is not in use.

The dev and sample configs have not been adjusted.
You need something like this in the ergw_aaa config:

[{ergw,
  [

...

   {charging,
    [{default,
      [{offline,
	[{triggers,
	  [{'cgi-sai-change',            'container'},
	   {'ecgi-change',               'container'},
	   {'max-cond-change',           'cdr'},
	   {'ms-time-zone-change',       'cdr'},
	   {'qos-change',                'container'},
	   {'rai-change',                'container'},
	   {'rat-change',                'cdr'},
	   {'sgsn-sgw-change',           'cdr'},
	   {'sgsn-sgw-plmn-id-change',   'cdr'},
	   {'tai-change',                'container'},
	   {'tariff-switch-change',      'container'},
	   {'user-location-info-change', 'container'}
	  ]}
	]},

       {rulebase,
	[{<<"r-0001">>,
	  #{'Rating-Group' => [3000],
	    'Flow-Information' =>
		[#{'Flow-Description' => [<<"permit out ip from any to assigned">>],
		   'Flow-Direction'   => [1]    %% DownLink
		  },
		 #{'Flow-Description' => [<<"permit out ip from any to assigned">>],
		   'Flow-Direction'   => [2]    %% UpLink
		  }],
	    'Metering-Method'  => [1],
	    'Precedence' => [100],
	    'Offline'  => [1]
	   }},
	 {<<"m2m0001">>, [<<"r-0001">>]}
	]}
      ]}
    ]},

   {nodes,
    [{default,
      [{vrfs,
	[{cp, [{features, ['CP-Function']}]},
	 {irx, [{features, ['Access']}]},
	 {sgi, [{features, ['SGi-LAN']}]}
	]},
       {ip_pools, ['pool-A']}]
     },
     {"topon.sx.prox01.$ORIGIN", [connect]},
    ]
   }
  ]},

 {ergw_aaa,
  [
   {handlers,
    [{ergw_aaa_static,
      [{'NAS-Identifier',          <<"NAS-Identifier">>},
       {'Node-Id',                 <<"PGW-001">>},
       {'Charging-Rule-Base-Name', <<"m2m0001">>},
       {'Acct-Interim-Interval',  600}
      ]}
    ]},
   {services,
    [{'Default',
      [{handler, 'ergw_aaa_static'},
       {answers,
	#{'Initial-Gx' =>
	      #{'Result-Code' => 2001,
		'Charging-Rule-Install' =>
		    [#{'Charging-Rule-Base-Name' => [<<"m2m0001">>]}]
	       },
	  'Update-Gx' => #{'Result-Code' => 2001},
	  'Final-Gx' => #{'Result-Code' => 2001}
	 }
       }
      ]}
    ]},
   {apps,
    [{default,
      [{session, ['Default']},
       {procedures, [{authenticate, []},
		     {authorize, []},
		     {start, []},
		     {interim, []},
		     {stop, []},
		     {{gx, 'CCR-Initial'},   [{'Default', [{answer, 'Initial-Gx'}]}]},
		     {{gx, 'CCR-Update'},    [{'Default', [{answer, 'Update-Gx'}]}]},
		     {{gx, 'CCR-Terminate'}, [{'Default', [{answer, 'Final-Gx'}]}]},
		     {{gy, 'CCR-Initial'},   []},
		     {{gy, 'CCR-Update'},    []},
		     {{gy, 'CCR-Terminate'}, []}
		    ]}
      ]}
    ]}
  ]}
].

[Twig96]

Don't worry! Sorry for the multiple posts but I wasn't sure the problem was the same. I will close the other one and try to update the configuration file in order to make it work.

I'll let you know soon if I can fix the problems.

Thanks in advance!

[Twig96]

I changed the configuration file as suggested. Now it displays the 209 error (User authentication failed) even if I'm using uid = ergw and pwd = ergw from sgsnemu for the PDP create context request, which should be the default accepted values for the authentication.
Also, the Sx session establishment response seems to not have changed.

I attach the ergw configuration file that I used:

%--Erlang--

[

{kernel,
	[{logger,
		[{handler, default, logger_std_h,
			#{level => all,
			config =>
				#{sync_mode_qlen => 10000,
				drop_mode_qlen => 10000,
				flush_qlen => 10000}
			}
		}]
	}]
},

{ergw, 
	[{'$setup_vars',
  		[{"ORIGIN", {value, "epc.mnc001.mcc001.3gppnetwork.org"}}]},

	%% GTP sockets

	{sockets,
		[{'cp-socket',
    			[{type, 'gtp-u'},
     			{vrf, cp},
     			{ip, {172,20,21,1}},
     			{netdev, "sxb-cp"},
     			%{netns, "cp"},
     			{reuseaddr, true}]
		},
   		{irx, 
			[{type, 'gtp-c'},
	  		{vrf, epc},
	  		{ip, {172,20,20,1}},
		  	{netdev, "grx-cp"},
	  		%{netns, "epc"},
	  		{reuseaddr, true}]
     		}]
  	},

	%% IP pools

 	{ip_pools,
		[{'pool-A', 
			[{ranges, 
				[{{10,180,0,1}, {10,180,255,254}, 32},
		               	{{16#8001, 0, 1, 0, 0, 0, 0, 0}, {16#8001, 0, 1, 16#FFFF, 16#FFFF, 16#FFFF, 16#FFFF, 16#FFFF}, 64},
			       	{{16#8001, 0, 0, 0, 0, 0, 0, 0}, {16#8001, 0, 0, 0, 0, 0, 0, 16#FFFF}, 128}]
			},
		     	{'MS-Primary-DNS-Server', {8,8,8,8}},
		     	{'MS-Secondary-DNS-Server', {8,8,4,4}},
		     	{'MS-Primary-NBNS-Server', {127,0,0,1}},
		     	{'MS-Secondary-NBNS-Server', {127,0,0,1}},
		     	{'DNS-Server-IPv6-Address', 
				[{16#2001, 16#4860, 16#4860, 0, 0, 0, 0, 16#8888},
				{16#2001, 16#4860, 16#4860, 0, 0, 0, 0, 16#8844}]
			}]
		},
		{'pool-B', 
			[{ranges, 
				[{{10,180,0,1}, {10,180,255,254}, 32},
			      	{{16#8001, 0, 1, 0, 0, 0, 0, 0}, {16#8001, 0, 1, 16#FFFF, 16#FFFF, 16#FFFF, 16#FFFF, 16#FFFF}, 64},
			      	{{16#8001, 0, 0, 0, 0, 0, 0, 0}, {16#8001, 0, 0, 0, 0, 0, 0, 16#FFFF}, 128}]
			},
		    	{'MS-Primary-DNS-Server', {8,8,8,8}},
		    	{'MS-Secondary-DNS-Server', {8,8,4,4}},
		    	{'MS-Primary-NBNS-Server', {127,0,0,1}},
		    	{'MS-Secondary-NBNS-Server', {127,0,0,1}},
		    	{'DNS-Server-IPv6-Address', 
				[{16#2001, 16#4860, 16#4860, 0, 0, 0, 0, 16#8888},
			 	{16#2001, 16#4860, 16#4860, 0, 0, 0, 0, 16#8844}]
			}]
		},
		{'pool-C', 
			[{ranges, 
				[{{10,180,0,1}, {10,180,255,254}, 32},
			      	{{16#8001, 0, 1, 0, 0, 0, 0, 0}, {16#8001, 0, 1, 16#FFFF, 16#FFFF, 16#FFFF, 16#FFFF, 16#FFFF}, 64},
			      	{{16#8001, 0, 0, 0, 0, 0, 0, 0}, {16#8001, 0, 0, 0, 0, 0, 0, 16#FFFF}, 128}]
			},
		    	{'MS-Primary-DNS-Server', {8,8,8,8}},
		    	{'MS-Secondary-DNS-Server', {8,8,4,4}},
		    	{'MS-Primary-NBNS-Server', {127,0,0,1}},
		    	{'MS-Secondary-NBNS-Server', {127,0,0,1}},
		    	{'DNS-Server-IPv6-Address', 
				[{16#2001, 16#4860, 16#4860, 0, 0, 0, 0, 16#8888},
				{16#2001, 16#4860, 16#4860, 0, 0, 0, 0, 16#8844}]
			}]
		}]	
	},

	%% Socket for Sx interface

 	{sx_socket,
  		[{node, 'ergw'},
   		{name, 'ergw'},
   		{socket, 'cp-socket'},
   		{ip, {172,20,21,1}},
   		{netdev, "sxb-cp"},
   		{reuseaddr, true}]
  	},

	%% Interface handlers

 	{handlers,
  		[{'h1', 
			[{handler, pgw_s5s8},
	   		{protocol, gn},
	   		{sockets, [irx]},
	   		{node_selection, [default]},
	   		{aaa, 
				[{'Username',
					[{default, 
						['IMSI', <<"/">>,
				    		'IMEI', <<"/">>,
				    		'MSISDN', <<"/">>,
				    		'ATOM', <<"/">>,
				    		'TEXT', <<"/">>,
				    		12345,
				    		<<"@">>, 'APN']
					}]
				}]
			}]
	  	},
   		{'h2', 
			[{handler, pgw_s5s8},
	   		{protocol, s5s8},
	   		{sockets, [irx]},
	   		{node_selection, [default]},
	   		{aaa, 
				[{'Username',
					[{default, 
						['IMSI', <<"/">>,
				    		'IMEI', <<"/">>,
				    		'MSISDN', <<"/">>,
				    		'ATOM', <<"/">>,
				    		'TEXT', <<"/">>,
				    		12345,
				    		<<"@">>, 'APN']
					}]
				}]
			}]
	  	}]
  	},

	%% Network APNs

 	{apns,
  		[{[<<"tpip">>, <<"net">>], 
			[{vrf, sgi},
			{ip_pools, ['pool-A']},
			{prefered_bearer_type, 'IPv4'}]
		},
   		{[<<"APN1">>], 
			[{vrf, sgi},
			{ip_pools, ['pool-A']},
			{prefered_bearer_type, 'IPv4'}]
		},
   		{[<<"example">>, <<"net">>],
			[{vrf, sgi},
			{ip_pools, ['pool-A', 'pool-B']},
			{'Idle-Timeout', 21600000}]
		}]
 	},

	%% Charging rules

	{charging,
		[{default, 
			[{offline,
				[{triggers,
					[{'cgi-sai-change', 'container'},
					{'ecgi-change', 'container'},
					{'max-cond-change', 'cdr'},
					{'ms-time-zone-change', 'cdr'},
					{'qos-change', 'container'},
					{'rai-change', 'container'},
					{'rat-change', 'cdr'},
					{'sgsn-sgw-change', 'cdr'},
					{'sgsn-sgw-plmn-id-change', 'cdr'},
					{'tai-change', 'container'},
					{'tariff-switch-change', 'container'},
					{'user-location-info-change', 'container'}]
				}],
			},
			{rulebase,
				[{<<"r-0001">>,
					#{'Rating-Group' => [3000],
					'Flow-Information' => 
						[#{'Flow-Description' => [<<"permit out ip from any to assigned">>],
						'Flow-Direction' => [1] %%Downlink},
						#{'Flow-Description' => [<<"permit out ip from any to assigned">>],
						'Flow-Direction' => [2] %%Uplink}],
					'Metering-Method' => [1],
					'Precedence' => [100],
					'Offline' => [1] 
					}
				},
				{<<"m2m0001">>, [<<"r-0001">>]}]
			}]
		}]
	},


 	{node_selection,
  		[{default,
    			{static,
     				[%% APN NAPTR alternative
      				{"_default.apn.$ORIGIN", {300,64536},
					[{"x-3gpp-pgw", "x-s5-gtp"}, 
					{"x-3gpp-pgw", "x-s8-gtp"}, 
					{"x-3gpp-pgw", "x-gn"}, 
					{"x-3gpp-pgw", "x-gp"}],
				"topon.s5s8.pgw.$ORIGIN"},

      				{"_default.apn.$ORIGIN", {300,64536},
       					[{"x-3gpp-upf","x-sxb"}],
       				"topon.sx.prox01.$ORIGIN"},

      				{"async-sx.apn.$ORIGIN", {300,64536},
       					[{"x-3gpp-upf","x-sxb"}],
       				"topon.sx.prox01.$ORIGIN"},

      				%% A/AAAA record alternatives
      				{"topon.s5s8.pgw.$ORIGIN", [{172,20,20,150}], []},

      				{"topon.sx.prox01.$ORIGIN", [{172,20,21,2}], []}]
    			}	
   		}]
 	},

	%%Nodes configuration

 	{nodes,
  		[{default,
    			[{vrfs,
      				[{cp, 
					[{features, ['CP-Function']}]
				},
       				{epc, 
					[{features, ['Access']}]
				},
       				{sgi, 
					[{features, ['SGi-LAN']}]
				}]
     			},
     			{ip_pools, ['pool-A']}]
		},
  		{"topon.sx.prox01.$ORIGIN", [connect]}]
	}]

},

%%AAA configuration

{ergw_aaa,
	[{handlers,
    		[{ergw_aaa_static,
			[{'NAS-Identifier', <<"NAS-Identifier">>},
 			{'Node-Id', <<"PGW-001">>},
 			{'Charging-Rule-Base-Name', <<"m2m0001">>},
 			{'Acct-Interim-Interval', 600}]
		}]
		},

	{services,
			[{'Default', 
			[{handler, 'ergw_aaa_static'},
			{answer,
				#{'Initial-Gx' => 
					#{'Result-Code' => 2001,
					'Charging-Rule-Install' =>
						[#{'Charging-Rule-Base-Name' => [<<"m2m0001">>]}]},
				'Update-Gx' => #{'Result-Code' => 2001},
				'Final-Gx' => #{'Result-Code' => 2001}
				}
			}]
		}]
		},

	{apps,
			[{default,
  				[{session, ['Default']},
   				{procedures, 
				[{authenticate, []},
	     			{authorize, []},
	     			{start, []},
	     			{interim, []},
	     			{stop, []},
	     			{{gx, 'CCR-Intial'}, 
					[{'Default', [{answer, 'Initial-Gx'}]}]
				},
	     			{{gx, 'CCR-Update'}, 
					[{'Default', [{answer, 'Update-Gx'}]}]
				},
	     			{{gx, 'CCR-Terminate'}, 
					[{'Default', [{answer, 'Final-Gx'}]}]
				},
	     			{{gy, 'CCR-Initial'}, []},
	     			{{gy, 'CCR-Update'}, []},
	     			{{gy, 'CCR-Terminate'}, []}]
	    		}]
  			}]
		}]
}

].