Metonymical Deflection

ゆるく日々のコト・たまにITインフラ

UERANSIM + Open5GS による 5GC SA構築方法

Linux tech NW

UERANSIM & Open5GSによる5GC SAの構築方法を記載します。
4年前の記事では、OAI L2 nFAPI + Free5GCによる5GC NSAについて記載しました。
現在は、とても簡単かつスムーズに構築ができるようになっています。技術の進歩に感謝です。

UEとgNBはUERANSIMで構築し、5G Coreの各NFはOpen5GSで構築します。
また、最終的な構成では、N4インターフェース(SMFとUPF)間はPcapができるように分離します。*1

1.構成

1-1.環境

全ての端末(仮想マシン)はVMWare上に構築しています。

VMWare   : VMware(R) Workstation 17 Pro 17.5.0 build-22583795

Open5GS用仮想マシン
OS          : Ubuntu 22.04.2
Open5GS     : v2.7.0
MongoDB     : v6.0.0

UERANSIM仮想マシン
OS          : Ubuntu 22.04.2
UERANSIM    : v3.2.6
1-2.全体構成


各インターフェース名を記載すると以下のようになります。

上記は最終構成のため複雑に見えますが、最初は以下の構成にて1Call成功まで構築します。
その後、仮想マシンをクローンして、Open5GSのAMFやSMFを含む5GCとUPFに分離します。

1-3 .全体の流れ ~概要~
  1. 事前準備
  2. Open5GS設定
  3. UERANSIM設定
  4. 簡易動作確認
  5. Open5GSの分離*2
  6. 動作確認
  7. 動作確認:応用編

2.事前準備

UbuntuのNW周りの設定を記載しますが、少し掘り下げます。*3
再掲しますが、現段階では以下の構成で構築していきます。

2-1.u222c111:UERANSIMのNW設定

192.168.11.xは管理用で、インターネット接続が可能な状態になっています。
必要なアプリのインストール完了後、DNSやDefaultGW設定をコメントアウトします。

root@u222c111:~# cat /etc/netplan/00-installer-config.yaml
# This is the network config written by 'subiquity'
network:
  ethernets:
    ens33:
      addresses:
      - 192.168.11.111/24
      nameservers:
        addresses:
        - 192.168.11.1
      routes:
      - to: default
        via: 192.168.11.1
    ens35:
      addresses:
      - 192.168.56.111/24
  version: 2

root@u222c111:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.11.1    0.0.0.0         UG    0      0        0 ens33
192.168.11.0    0.0.0.0         255.255.255.0   U     0      0        0 ens33
192.168.56.0    0.0.0.0         255.255.255.0   U     0      0        0 ens35

設定完了後は、Bash上で以下のように設定反映が必要です。
以降は特に記載しませんが、NW周りの設定変更後は忘れずに実施してください。

netplan generate
netplan apply
2-2.u222c112:Open5GSのNW設定

UERANSIMと同様に、192.168.11.xは管理用で、後ほどDNSやDefaultGW設定をコメントアウトします。

root@u222c112:~# cat /etc/netplan/00-installer-config.yaml
# This is the network config written by 'subiquity'
network:
  ethernets:
    ens33:
      addresses:
      - 192.168.11.112/24
      nameservers:
        addresses:
        - 192.168.11.1
      routes:
      - to: default
        via: 192.168.11.1
    ens35:
      addresses:
      - 192.168.56.112/24
    ens37:
      addresses:
      - 192.168.33.112/24
  version: 2

root@u222c112:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.11.1    0.0.0.0         UG    0      0        0 ens33
192.168.11.0    0.0.0.0         255.255.255.0   U     0      0        0 ens33
192.168.33.0    0.0.0.0         255.255.255.0   U     0      0        0 ens37
192.168.56.0    0.0.0.0         255.255.255.0   U     0      0        0 ens35
2-3.u222c112:Open5GSのIP転送とFW無効化設定
sed -i -e "s/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g" /etc/sysctl.conf
sysctl -p

systemctl stop ufw && \
systemctl disable ufw

reboot

<補足>
Open5GS関連のDoc*4を読むと、UPF上でNAPT(IPマスカレード)設定を行っています。
しかし、ここでは意図的に設定していませんので、その理由を以下に補足します。

理由1 GTP-Uトンネル終端後、カプセル化を解除します。その上、UEのIPに対して、さらにNAPTをかける、という処理を行うことになります。このため、上手くいかないときの切り分けが困難になりそうなので、UPFでNAPTはしないようにしています。*5
理由2 N6(4GでのGi/SGi)において、実環境では各種FWやDPI、CGNなど、UEトラフィックに対して色々チェックしたり、いじりたいポイントでもあるため、UPFでNAPTをかけてしまうのは、もったいないなと個人的には思っています。
2-4.NATルータの戻り経路設定

本来、補足レベルの内容ですが、気付かないとハマるので、念のため。
NATルータ上で、以下のようにUEのIP Prefixに対して、戻り経路を設定しておいてください。

ip route 10.45.0.0 0.0.255.255 192.168.33.112

3.Open5GS設定

u222c112:Open5GSの端末で作業します。

3-1.MongoDBのインストール
apt -y install wget gnupg software-properties-common ca-certificates lsb-release
wget -qO - https://www.mongodb.org/static/pgp/server-6.0.asc | gpg --dearmor -o /etc/apt/trusted.gpg.d/mongodb-6.gpg
echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu $(lsb_release -cs)/mongodb-org/6.0 multiverse" | tee /etc/apt/sources.list.d/mongodb-org-6.0.list

apt update
apt install -y mongodb-org
systemctl start mongod && \
systemctl enable mongod
3-2.Open5GSのインストール
add-apt-repository ppa:open5gs/latest
apt update
apt -y install open5gs

<補足>
add-apt-repository ppa:open5gs/latest の実行時、以下のように確認を求められますが、Enterで進めてください。

root@u222c112:~# add-apt-repository ppa:open5gs/latest
PPA publishes dbgsym, you may need to include 'main/debug' component
Repository: 'deb https://ppa.launchpadcontent.net/open5gs/latest/ubuntu/ jammy main'
Description:
Open5GS is a C-language Open Source implementation of 5G Core and EPC, i.e. the core network of NR/LTE network (Release-17)
More info: https://launchpad.net/~open5gs/+archive/ubuntu/latest
Adding repository.
Press [ENTER] to continue or Ctrl-c to cancel.
3-3.Open5GS Web Consoleのインストール

最初にnodejsをインストールした後、Web ConsoleのインストールスクリプトをDLして実行します。

apt -y install ca-certificates curl gnupg
mkdir -p /etc/apt/keyrings
curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | sudo gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg
NODE_MAJOR=20
echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_$NODE_MAJOR.x nodistro main" | sudo tee /etc/apt/sources.list.d/nodesource.list
apt update
apt -y install nodejs

curl -fsSL https://open5gs.org/open5gs/assets/webui/install | sudo -E bash -
3-4.Web Consoleの起動設定

DefaultではループバックアドレスでListenしてしまうため、コンソール端末などからアクセスできないので、以下のように設定します。
追記箇所:青文字

vi /lib/systemd/system/open5gs-webui.service

[Unit]
Description=Open5GS WebUI
Wants=mongodb.service mongod.service

[Service]
Type=simple

WorkingDirectory=/usr/lib/node_modules/open5gs
Environment=NODE_ENV=production
Environment=HOSTNAME=0.0.0.0
Environment=PORT=3000
ExecStart=/usr/bin/node server/index.js
Restart=always
RestartSec=2

[Install]
WantedBy=multi-user.target

設定が完了したら、設定反映とサービス再起動を実施します。

systemctl daemon-reload
systemctl restart open5gs-webui

<補足>
サービスのステータスが以下のようになっていればOKです。

systemctl status open5gs-webui.service

root@u222c112:~# systemctl status open5gs-webui.service
● open5gs-webui.service - Open5GS WebUI
     Loaded: loaded (/lib/systemd/system/open5gs-webui.service; enabled; vendor prese>
     Active: active (running) since Thu 2024-02-01 18:34:23 JST; 3s ago
   Main PID: 8279 (node)
      Tasks: 14 (limit: 4530)
     Memory: 54.9M
        CPU: 442ms
     CGroup: /system.slice/open5gs-webui.service
             └─8279 /usr/bin/node server/index.js

Feb 01 18:34:23 u222c112 systemd[1]: Started Open5GS WebUI.
Feb 01 18:34:24 u222c112 node[8279]: (node:8279) DeprecationWarning: collection.ensur>
Feb 01 18:34:24 u222c112 node[8279]: (Use `node --trace-deprecation ...` to show wher>
Feb 01 18:34:24 u222c112 node[8279]: > Ready on http://0.0.0.0:3000
3-5.加入者情報(Subscriber)の登録

Web Consoleにアクセスして加入者情報を登録します。
0.0.0.0:3000にてListenしていますので、ブラウザを開いてHTTPでアクセスしてください。

今回は例として、http://192.168.11.112:3000/にアクセスしています。
Username:admn
Password:1423

ログイン後、以下の画面が表示されますので、ADD A SUBSCRIBERをクリック。

Subscriber Configuration画面にて、以下のIMSIを入力し、SAVEをクリック。
IMSI:999700000000001
K値やOPcはDefaultのままでOKです。

元の画面に戻ります。
右下の赤い+をクリックし、同様の手順にて、連番のIMSIで2~3登録します。

IMSI:999700000000001、999700000000002、999700000000003を登録しました。

3-6.AMFの設定

ループバックアドレス(127.0.0.5)を実IP(192.168.56.112)に変更します。
127.0.0.5は複数あるため変更箇所を間違えないように気を付けてください。
yaml形式なので把握し易いですが、nagp:配下のサービス待ち受けアドレス127.0.0.5を変更します。
変更箇所:緑文字

vi /etc/open5gs/amf.yaml

  ngap:
    server:
      - address: 192.168.56.112
3-7.UPFの設定

ループバックアドレス(127.0.0.7)を実IP(192.168.56.112)に変更します。
UPFの場合は、gtpu:配下のサービス待ち受けアドレス127.0.0.7を変更します。
変更箇所:緑文字

vi /etc/open5gs/upf.yaml

  gtpu:
    server:
      - address: 192.168.56.112
3-8.未使用サービスの停止

4G関連の使用しないサービスを停止します。*6

for service in open5gs-hssd open5gs-mmed open5gs-pcrfd open5gs-sgwcd open5gs-sgwud; do
  systemctl stop "$service"
  systemctl disable "$service"
done

reboot
3-9.再起動後の確認

前項にて再起動後、以下のコマンドでサービス起動確認をしてください。
hssd, mmed, pcrfd, sgwcd, sgwudがdisabledであればOKです。

systemctl list-unit-files --type=service |grep open5gs

root@u222c112:~# systemctl list-unit-files --type=service |grep open5gs
open5gs-amfd.service                       enabled         enabled
open5gs-ausfd.service                      enabled         enabled
open5gs-bsfd.service                       enabled         enabled
open5gs-hssd.service                       disabled        enabled
open5gs-mmed.service                       disabled        enabled
open5gs-nrfd.service                       enabled         enabled
open5gs-nssfd.service                      enabled         enabled
open5gs-pcfd.service                       enabled         enabled
open5gs-pcrfd.service                      disabled        enabled
open5gs-scpd.service                       enabled         enabled
open5gs-sgwcd.service                      disabled        enabled
open5gs-sgwud.service                      disabled        enabled
open5gs-smfd.service                       enabled         enabled
open5gs-udmd.service                       enabled         enabled
open5gs-udrd.service                       enabled         enabled
open5gs-upfd.service                       enabled         enabled
open5gs-webui.service                      enabled         enabled

加えて、以下のコマンドで待ち受けIPアドレスの確認を行ってください。
以下のようになっていればOKです。

cat /var/log/open5gs/amf.log |grep ngap_server
cat /var/log/open5gs/upf.log |grep gtp_server

root@u222c112:~# cat /var/log/open5gs/amf.log |grep ngap_server
02/01 18:23:43.215: [amf] INFO: ngap_server() [127.0.0.5]:38412 (../src/amf/ngap-sctp.c:61)
02/01 19:14:37.767: [amf] INFO: ngap_server() [192.168.56.112]:38412 (../src/amf/ngap-sctp.c:61)

root@u222c112:~# cat /var/log/open5gs/upf.log |grep gtp_server
02/01 18:23:45.149: [gtp] INFO: gtp_server() [127.0.0.7]:2152 (../lib/gtp/path.c:30)
02/01 19:14:37.864: [gtp] INFO: gtp_server() [192.168.56.112]:2152 (../lib/gtp/path.c:30)

4.UERANSIM設定

u222c111:UERANSIMの端末で作業します。

4-1.必要なアプリのインストール
apt update
apt -y install make g++ libsctp-dev lksctp-tools iproute2
snap install cmake --classic
reboot
4-2.UERANSIMのビルド
cd ~
git clone https://github.com/aligungr/UERANSIM
cd UERANSIM
git checkout 3a96298
make

<出力例>
makeには少し時間を要しますが、以下のような出力であればOKです。

root@u222c111:~/UERANSIM# make
rm -fr logs # Old version log files
mkdir -p build
rm -fr build/*
# cmake -DCMAKE_BUILD_TYPE=Debug -G "CodeBlocks - Unix Makefiles" . -B cmake-build-debug
cmake -DCMAKE_BUILD_TYPE=Release -G "CodeBlocks - Unix Makefiles" . -B cmake-build-release
CMake Deprecation Warning:
  Support for "Extra Generators" like

    CodeBlocks

  is deprecated and will be removed from a future version of CMake.  IDEs may
  use the cmake-file-api(7) to view CMake-generated project build trees.


-- The C compiler identification is GNU 11.4.0
-- The CXX compiler identification is GNU 11.4.0
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Check for working C compiler: /usr/bin/cc - skipped
-- Detecting C compile features
-- Detecting C compile features - done
-- Detecting CXX compiler ABI info
-- Detecting CXX compiler ABI info - done
-- Check for working CXX compiler: /usr/bin/c++ - skipped
-- Detecting CXX compile features
-- Detecting CXX compile features - done
-- Configuring done (0.3s)
-- Generating done (0.1s)
-- Build files have been written to: /root/UERANSIM/cmake-build-release
# cmake --build cmake-build-debug --target all
cmake --build cmake-build-release --target all
gmake[1]: Entering directory '/root/UERANSIM/cmake-build-release'
gmake[2]: Entering directory '/root/UERANSIM/cmake-build-release'
gmake[3]: Entering directory '/root/UERANSIM/cmake-build-release'
gmake[3]: Leaving directory '/root/UERANSIM/cmake-build-release'
gmake[3]: Entering directory '/root/UERANSIM/cmake-build-release'
[  0%] Building C object src/asn/asn1c/CMakeFiles/asn-asn1c.dir/ANY.c.o
[  0%] Building C object src/asn/asn1c/CMakeFiles/asn-asn1c.dir/BIT_STRING.c.o
[  0%] Building C object src/asn/asn1c/CMakeFiles/asn-asn1c.dir/BOOLEAN.c.o
[  0%] Building C object src/asn/asn1c/CMakeFiles/asn-asn1c.dir/INTEGER.c.o

=== s n i p ===

[100%] Building CXX object CMakeFiles/nr-cli.dir/src/cli.cpp.o
[100%] Linking CXX executable nr-cli
gmake[3]: Leaving directory '/root/UERANSIM/cmake-build-release'
[100%] Built target nr-cli
gmake[2]: Leaving directory '/root/UERANSIM/cmake-build-release'
gmake[1]: Leaving directory '/root/UERANSIM/cmake-build-release'
cp cmake-build-release/nr-gnb build/
cp cmake-build-release/nr-ue build/
cp cmake-build-release/nr-cli build/
cp cmake-build-release/libdevbnd.so build/
cp tools/nr-binder build/
UERANSIM successfully built.
4-3.gNBの設定

自身のIPと接続先AMFのIPを設定します。
いずれもループバックアドレスになっているため、実際のIPに変更します。
変更箇所:緑文字

vi /root/UERANSIM/config/open5gs-gnb.yaml

linkIp: 192.168.56.111   # gNB's local IP address for Radio Link Simulation (Usually same with local IP)
ngapIp: 192.168.56.111   # gNB's local IP address for N2 Interface (Usually same with local IP)
gtpIp: 192.168.56.111    # gNB's local IP address for N3 Interface (Usually same with local IP)

# List of AMF address information
amfConfigs:
  - address: 192.168.56.112
    port: 38412
4-4.UEの設定

gNB Search ListのIPをループバックアドレスから自身のIPに変更します。
変更箇所:緑文字

vi /root/UERANSIM/config/open5gs-ue.yaml

# List of gNB IP addresses for Radio Link Simulation
gnbSearchList:
  - 192.168.56.111

補足1
IMSIやK値、OPcなどは既に設定済みです。
Open5GS Web Consoleの値と一致しているかを確認してもよいと思います。

open5gs-ue.yamlでの出力例

cat /root/UERANSIM/config/open5gs-ue.yaml

root@u222c111:~/UERANSIM# cat /root/UERANSIM/config/open5gs-ue.yaml
# IMSI number of the UE. IMSI = [MCC|MNC|MSISDN] (In total 15 digits)
supi: 'imsi-999700000000001'
# Mobile Country Code value of HPLMN
mcc: '999'
# Mobile Network Code value of HPLMN (2 or 3 digits)
mnc: '70'
# SUCI Protection Scheme : 0 for Null-scheme, 1 for Profile A and 2 for Profile B
protectionScheme: 0
# Home Network Public Key for protecting with SUCI Profile A
homeNetworkPublicKey: '5a8d38864820197c3394b92613b20b91633cbd897119273bf8e4a6f4eec0a65
0'
# Home Network Public Key ID for protecting with SUCI Profile A
homeNetworkPublicKeyId: 1
# Routing Indicator
routingIndicator: '0000'

# Permanent subscription key
key: '465B5CE8B199B49FAA5F0A2EE238A6BC'
# Operator code (OP or OPC) of the UE
op: 'E8ED289DEBA952E4283B54E88E6183CA'
# This value specifies the OP type and it can be either 'OP' or 'OPC'
opType: 'OPC'
# Authentication Management Field (AMF) value
amf: '8000'
# IMEI number of the device. It is used if no SUPI is provided
imei: '356938035643803'
# IMEISV number of the device. It is used if no SUPI and IMEI is provided
imeiSv: '4370816125816151'

Open5GS Web Consoleでの出力例

補足2
K値やOPcについて、厳密にはきちんと設定する必要があります。
テスト用の値は、3GPP TS 35.208に記載があるので参照してもよいと思います。
私が確認した 3GPP TS 35.208 V17.0.0 (2022-03) では、4.3 Test Setsに20個のサンプルが記載されていました。



5.簡易動作確認

インストールが完了しましたので、各端末のDNSやDefaultGW設定を変更後、簡易動作確認を実施していきます。

5-1.u222c111:UERANSIMのNW設定

以下のように変更し、設定を反映させます。

root@u222c111:~# cat /etc/netplan/00-installer-config.yaml
# This is the network config written by 'subiquity'
network:
  ethernets:
    ens33:
      addresses:
      - 192.168.11.111/24
    ens35:
      addresses:
      - 192.168.56.111/24
  version: 2

続いて、resolv.confを修正します。
変更箇所:緑文字

vi /etc/resolv.conf

nameserver 8.8.8.8

一旦、再起動します。

<route設定>
再起動後、Default Routeが消えていればOKです。

route -n

root@u222c111:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.11.0    0.0.0.0         255.255.255.0   U     0      0        0 ens33
192.168.56.0    0.0.0.0         255.255.255.0   U     0      0        0 ens35

DNS設定>
nameserverが8.8.8.8になっていればOKです。*7

cat /run/systemd/resolve/resolv.conf |grep nameserver

root@u222c111:~# cat /run/systemd/resolve/resolv.conf |grep nameserver
nameserver 8.8.8.8
5-2.u222c112:Open5GSのNW設定

以下のように変更し、設定を反映させます。

root@u222c112:~# cat /etc/netplan/00-installer-config.yaml
# This is the network config written by 'subiquity'
network:
  ethernets:
    ens33:
      addresses:
      - 192.168.11.112/24
    ens35:
      addresses:
      - 192.168.56.112/24
    ens37:
      addresses:
      - 192.168.33.112/24
      routes:
      - to: default
        via: 192.168.33.1
  version: 2

一旦、再起動します。

<route設定>
再起動後、Default RouteのNext-Hopが192.168.33.1に変わっていればOKです。

route -n

root@u222c112:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.33.1    0.0.0.0         UG    0      0        0 ens37
10.45.0.0       0.0.0.0         255.255.0.0     U     0      0        0 ogstun
192.168.11.0    0.0.0.0         255.255.255.0   U     0      0        0 ens33
192.168.33.0    0.0.0.0         255.255.255.0   U     0      0        0 ens37
192.168.56.0    0.0.0.0         255.255.255.0   U     0      0        0 ens35
5-3.動作確認前の準備

u222c111:UERANSIMは、ssh接続して、ターミナルを3つ用意してください。
これはUERANSIMのgNBやUEがforegroundで動作するためです。

u222c111:UERANSIM ターミナルA gNB用
u222c111:UERANSIM ターミナルB UE用
u222c111:UERANSIM ターミナルC 通信確認用

u222c112:Open5GSは、ターミナル無しで構いません。
但し、初回UEアタッチ時はログが見れた方が良いと思うので、ターミナルは3つ程度用意しておいた方が良いです。
参照しておいた方が良いログは、以下3つとなります。

  • /var/log/open5gs/amf.log
  • /var/log/open5gs/smf.log
  • /var/log/open5gs/upf.log
u222c112:Open5GS ターミナルD AMF用
u222c112:Open5GS ターミナルE SMF用
u222c112:Open5GS ターミナルF UPF用

以降は、上記ターミナルA~Fが用意されている前提で記載していきます。

5-4.ログ出力設定

各ターミナルで、tail -fを実行しておきます。
ターミナルD:AMF

tail -f /var/log/open5gs/amf.log

ターミナルE:SMF

tail -f /var/log/open5gs/smf.log

ターミナルF:UPF

tail -f /var/log/open5gs/upf.log
5-5.gNB&UEの起動と通信確認

ターミナルAとBでgNBとUEを起動します。
ターミナルA:gNB

cd ~/UERANSIM && \
build/nr-gnb -c config/open5gs-gnb.yaml

ターミナルB:UE

cd ~/UERANSIM && \
build/nr-ue -c config/open5gs-ue.yaml

ターミナルC:通信確認
UEが正常起動したら、Default RouteのNext-Hopをuesimtun0に指定して、NATルータまで疎通確認を行います。

ip route add default dev uesimtun0

ping 192.168.33.1
5-6.起動時のログ出力例

ターミナルD:AMF

root@u222c112:~# tail -f /var/log/open5gs/amf.log 

02/02 07:01:39.750: [amf] INFO: gNB-N2 accepted[192.168.56.111]:43431 in ng-path module (../src/amf/ngap-sctp.c:113)
02/02 07:01:39.750: [amf] INFO: gNB-N2 accepted[192.168.56.111] in master_sm module (../src/amf/amf-sm.c:741)
02/02 07:01:39.754: [amf] INFO: [Added] Number of gNBs is now 1 (../src/amf/context.c:1231)
02/02 07:01:39.754: [amf] INFO: gNB-N2[192.168.56.111] max_num_of_ostreams : 10 (../src/amf/amf-sm.c:780)
02/02 07:01:45.820: [amf] INFO: InitialUEMessage (../src/amf/ngap-handler.c:401)
02/02 07:01:45.820: [amf] INFO: [Added] Number of gNB-UEs is now 1 (../src/amf/context.c:2550)
02/02 07:01:45.820: [amf] INFO:     RAN_UE_NGAP_ID[1] AMF_UE_NGAP_ID[1] TAC[1] CellID[0x10] (../src/amf/ngap-handler.c:562)
02/02 07:01:45.820: [amf] INFO: [suci-0-999-70-0000-0-0-0000000001] Unknown UE by SUCI (../src/amf/context.c:1835)
02/02 07:01:45.820: [amf] INFO: [Added] Number of AMF-UEs is now 1 (../src/amf/context.c:1616)
02/02 07:01:45.820: [gmm] INFO: Registration request (../src/amf/gmm-sm.c:1165)
02/02 07:01:45.820: [gmm] INFO: [suci-0-999-70-0000-0-0-0000000001]    SUCI (../src/amf/gmm-handler.c:166)
02/02 07:01:46.040: [gmm] INFO: [imsi-999700000000001] Registration complete (../src/amf/gmm-sm.c:2146)
02/02 07:01:46.041: [amf] INFO: [imsi-999700000000001] Configuration update command (../src/amf/nas-path.c:612)
02/02 07:01:46.041: [gmm] INFO:     UTC [2024-02-01T22:01:46] Timezone[0]/DST[0] (../src/amf/gmm-build.c:559)
02/02 07:01:46.041: [gmm] INFO:     LOCAL [2024-02-02T07:01:46] Timezone[32400]/DST[0] (../src/amf/gmm-build.c:564)
02/02 07:01:46.041: [amf] INFO: [Added] Number of AMF-Sessions is now 1 (../src/amf/context.c:2571)
02/02 07:01:46.041: [gmm] INFO: UE SUPI[imsi-999700000000001] DNN[internet] S_NSSAI[SST:1 SD:0xffffff] smContextRef [NULL] (../src/amf/gmm-handler.c:1241)
02/02 07:01:46.041: [gmm] INFO: SMF Instance [d6eb5314-c147-41ee-b28f-b5844066cb66] (../src/amf/gmm-handler.c:1280)
02/02 07:01:46.052: [amf] INFO: [imsi-999700000000001:1:11][0:0:NULL] /nsmf-pdusession/v1/sm-contexts/{smContextRef}/modify (../src/amf/nsmf-handler.c:837)

ターミナルE:SMF

root@u222c112:~# tail -f /var/log/open5gs/smf.log

02/02 07:01:46.041: [smf] INFO: [Added] Number of SMF-UEs is now 1 (../src/smf/context.c:1019)
02/02 07:01:46.042: [smf] INFO: [Added] Number of SMF-Sessions is now 1 (../src/smf/context.c:3068)
02/02 07:01:46.047: [smf] INFO: UE SUPI[imsi-999700000000001] DNN[internet] IPv4[10.45.0.2] IPv6[] (../src/smf/npcf-handler.c:539)
02/02 07:01:46.048: [gtp] INFO: gtp_connect() [192.168.56.112]:2152 (../lib/gtp/path.c:60)

ターミナルF:UPF

root@u222c112:~# tail -f /var/log/open5gs/upf.log

02/02 07:01:46.047: [upf] INFO: [Added] Number of UPF-Sessions is now 1 (../src/upf/context.c:208)
02/02 07:01:46.047: [gtp] INFO: gtp_connect() [127.0.0.4]:2152 (../lib/gtp/path.c:60)
02/02 07:01:46.047: [upf] INFO: UE F-SEID[UP:0xece CP:0x442] APN[internet] PDN-Type[1] IPv4[10.45.0.2] IPv6 (../src/upf/context.c:485)
02/02 07:01:46.047: [upf] INFO: UE F-SEID[UP:0xece CP:0x442] APN[internet] PDN-Type[1] IPv4[10.45.0.2] IPv6 (../src/upf/context.c:485)
02/02 07:01:46.050: [gtp] INFO: gtp_connect() [192.168.56.111]:2152 (../lib/gtp/path.c:60)

ターミナルA:gNB

root@u222c111:~# cd ~/UERANSIM && \
build/nr-gnb -c config/open5gs-gnb.yaml

UERANSIM v3.2.6
[2024-02-02 07:01:39.741] [sctp] [info] Trying to establish SCTP connection... (192.168.56.112:38412)
[2024-02-02 07:01:39.750] [sctp] [info] SCTP connection established (192.168.56.112:38412)
[2024-02-02 07:01:39.750] [sctp] [debug] SCTP association setup ascId[3]
[2024-02-02 07:01:39.750] [ngap] [debug] Sending NG Setup Request
[2024-02-02 07:01:39.755] [ngap] [debug] NG Setup Response received
[2024-02-02 07:01:39.755] [ngap] [info] NG Setup procedure is successful
[2024-02-02 07:01:45.817] [rrc] [debug] UE[1] new signal detected
[2024-02-02 07:01:45.819] [rrc] [info] RRC Setup for UE[1]
[2024-02-02 07:01:45.819] [ngap] [debug] Initial NAS message received from UE[1]
[2024-02-02 07:01:45.836] [ngap] [debug] Initial Context Setup Request received
[2024-02-02 07:01:46.049] [ngap] [info] PDU session resource(s) setup for UE[1] count[1]

ターミナルB:UE

root@u222c111:~# cd ~/UERANSIM && \
build/nr-ue -c config/open5gs-ue.yaml

UERANSIM v3.2.6
[2024-02-02 07:01:45.817] [nas] [info] UE switches to state [MM-DEREGISTERED/PLMN-SEARCH]
[2024-02-02 07:01:45.817] [rrc] [debug] New signal detected for cell[1], total [1] cells in coverage
[2024-02-02 07:01:45.817] [nas] [info] Selected plmn[999/70]
[2024-02-02 07:01:45.818] [rrc] [info] Selected cell plmn[999/70] tac[1] category[SUITABLE]
[2024-02-02 07:01:45.818] [nas] [info] UE switches to state [MM-DEREGISTERED/PS]
[2024-02-02 07:01:45.818] [nas] [info] UE switches to state [MM-DEREGISTERED/NORMAL-SERVICE]
[2024-02-02 07:01:45.818] [nas] [debug] Initial registration required due to [MM-DEREG-NORMAL-SERVICE]
[2024-02-02 07:01:45.818] [nas] [debug] UAC access attempt is allowed for identity[0], category[MO_sig]
[2024-02-02 07:01:45.818] [nas] [debug] Sending Initial Registration
[2024-02-02 07:01:45.818] [nas] [info] UE switches to state [MM-REGISTER-INITIATED]
[2024-02-02 07:01:45.818] [rrc] [debug] Sending RRC Setup Request
[2024-02-02 07:01:45.819] [rrc] [info] RRC connection established
[2024-02-02 07:01:45.819] [rrc] [info] UE switches to state [RRC-CONNECTED]
[2024-02-02 07:01:45.819] [nas] [info] UE switches to state [CM-CONNECTED]
[2024-02-02 07:01:45.826] [nas] [debug] Authentication Request received
[2024-02-02 07:01:45.829] [nas] [debug] Security Mode Command received
[2024-02-02 07:01:45.829] [nas] [debug] Selected integrity[2] ciphering[0]
[2024-02-02 07:01:45.837] [nas] [debug] Registration accept received
[2024-02-02 07:01:45.837] [nas] [info] UE switches to state [MM-REGISTERED/NORMAL-SERVICE]
[2024-02-02 07:01:45.837] [nas] [debug] Sending Registration Complete
[2024-02-02 07:01:45.837] [nas] [info] Initial Registration is successful
[2024-02-02 07:01:45.837] [nas] [debug] Sending PDU Session Establishment Request
[2024-02-02 07:01:45.837] [nas] [debug] UAC access attempt is allowed for identity[0], category[MO_sig]
[2024-02-02 07:01:46.040] [nas] [debug] Configuration Update Command received
[2024-02-02 07:01:46.050] [nas] [debug] PDU Session Establishment Accept received
[2024-02-02 07:01:46.050] [nas] [info] PDU Session establishment is successful PSI[1]
[2024-02-02 07:01:46.064] [app] [info] Connection setup for PDU session[1] is successful, TUN interface[uesimtun0, 10.45.0.2] is up.

ターミナルC:通信確認

root@u222c111:~# ip route add default dev uesimtun0

root@u222c111:~# ping 192.168.33.1
PING 192.168.33.1 (192.168.33.1) 56(84) bytes of data.
64 bytes from 192.168.33.1: icmp_seq=1 ttl=254 time=1.54 ms
64 bytes from 192.168.33.1: icmp_seq=2 ttl=254 time=1.69 ms
64 bytes from 192.168.33.1: icmp_seq=3 ttl=254 time=1.50 ms
64 bytes from 192.168.33.1: icmp_seq=4 ttl=254 time=1.60 ms
^C
--- 192.168.33.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3006ms
rtt min/avg/max/mdev = 1.496/1.582/1.693/0.073 ms

<補足>
ここまで正常確認ができれば全てOKです。
インターネット向け通信については、NATルータ上でNAPT(IPマスカレード)設定を行った後、UEからcurl www.google.comなどにアクセスしてみてください。
NATルータの192.168.33.1に疎通OKなので、ひとまず5G Core内の動作が正常であることを担保できています。

6.Open5GSの分離

u222c112:Open5GSについて、UPFとそれ以外*8に分離した後、以下の構成に変更します。

u222c112 UPF用 以降、u222c112:UPFと記載
u222c113 AMF, SMF用 以降、u222c113:AMFと記載


具体的には、u222c112をクローンしてu222c113を作成します。
Subnetが変わるため、端末のIPを変更します。
低レイヤでは仮想NICの接続先LANセグメントや仮想SWを変更するなどの作業も発生します。
この点については、各環境に合わせて変更してください。*9

加えて、各端末間でRoutingを行うためVyosを導入します。*10
各インターフェースにGWとなるIPを設定するだけで、特にRouting周りの設定は不要です。*11
<Vyos設定例>

vyos@vyos14c114# run show configuration commands
set interfaces ethernet eth0 address '192.168.11.114/24'
set interfaces ethernet eth0 hw-id '00:0c:29:c6:ea:14'
set interfaces ethernet eth1 address '192.168.56.1/24'
set interfaces ethernet eth1 hw-id '00:0c:29:c6:ea:1e'
set interfaces ethernet eth2 address '192.168.57.1/24'
set interfaces ethernet eth2 hw-id '00:0c:29:c6:ea:28'
set interfaces ethernet eth3 address '192.168.58.1/24'
set interfaces ethernet eth3 hw-id '00:0c:29:c6:ea:32'

vyos@vyos14c114# run sho ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR,
       f - OpenFabric,
       > - selected route, * - FIB route, q - queued, r - rejected, b - backup
       t - trapped, o - offload failure

C>* 192.168.11.0/24 is directly connected, eth0, 00:43:13
C>* 192.168.56.0/24 is directly connected, eth1, 00:40:52
C>* 192.168.57.0/24 is directly connected, eth2, 00:40:52
C>* 192.168.58.0/24 is directly connected, eth3, 00:40:52
6-1.u222c112:UPFの設定
6-1-1.u222c112:UPFのNW設定

NW周りの設定を変更します。

root@u222c112:~# cat /etc/netplan/00-installer-config.yaml
# This is the network config written by 'subiquity'
network:
  ethernets:
    ens33:
      addresses:
      - 192.168.11.112/24
    ens35:
      addresses:
      - 192.168.58.112/24
      routes:
      - to: 192.168.56.0/22
        via: 192.168.58.1
    ens37:
      addresses:
      - 192.168.33.112/24
      routes:
      - to: default
        via: 192.168.33.1
  version: 2

設定変更&反映後、以下のようになっていればOKです。

root@u222c112:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.33.1    0.0.0.0         UG    0      0        0 ens37
192.168.11.0    0.0.0.0         255.255.255.0   U     0      0        0 ens33
192.168.33.0    0.0.0.0         255.255.255.0   U     0      0        0 ens37
192.168.56.0    192.168.58.1    255.255.252.0   UG    0      0        0 ens35
192.168.58.0    0.0.0.0         255.255.255.0   U     0      0        0 ens35
6-1-2.u222c112:UPFのサービス設定

UPF上で不要なサービスを停止&無効化します。

for service in open5gs-amfd open5gs-ausfd open5gs-bsfd open5gs-nrfd open5gs-nssfd open5gs-pcfd open5gs-scpd open5gs-smfd open5gs-udmd open5gs-udrd open5gs-webui; do
  systemctl stop "$service"
  systemctl disable "$service"
done
6-1-3.u222c112:UPFのyaml設定

gtpu serverの待ち受けアドレスに加えて、pfcp serverの待ち受けアドレスも変更します。
変更箇所:緑文字

vi /etc/open5gs/upf.yaml

upf:
  pfcp:
    server:
      - address: 192.168.58.112
    client:
#      smf:     #  UPF PFCP Client try to associate SMF PFCP Server
#        - address: 127.0.0.4
  gtpu:
    server:
      - address: 192.168.58.112

設定が完了したら、一旦再起動をしておきます。

6-2.u222c113:AMFの設定変更
6-2-1.u222c113:AMFのNW設定

NW周りの設定を変更します。

root@u222c113:~# cat /etc/netplan/00-installer-config.yaml
# This is the network config written by 'subiquity'
network:
  ethernets:
    ens33:
      addresses:
      - 192.168.11.113/24
    ens35:
      addresses:
      - 192.168.57.113/24
      routes:
      - to: 192.168.56.0/22
        via: 192.168.57.1
  version: 2

設定変更&反映後、以下のようになっていればOKです。

root@u222c113:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.11.0    0.0.0.0         255.255.255.0   U     0      0        0 ens33
192.168.56.0    192.168.57.1    255.255.252.0   UG    0      0        0 ens35
192.168.57.0    0.0.0.0         255.255.255.0   U     0      0        0 ens35
6-2-2.u222c113:AMFのサービス設定

UPFサービスを停止&無効化します。

systemctl stop open5gs-upfd.service && \
systemctl disable open5gs-upfd.service
6-2-3.u222c113:AMFのamf.yaml設定

ngap serverの待ち受けアドレスを変更します。
変更箇所:緑文字

vi /etc/open5gs/amf.yaml

  ngap:
    server:
      - address: 192.168.57.113
6-2-4.u222c113:AMFのsmf.yaml設定

UPFを分離したため、smf.yamlの設定変更が必要になります。
pfcp serverの待ち受けアドレスと、pfcp clientの接続先アドレス(=UPFのアドレス)を変更します。
変更箇所:緑文字

vi /etc/open5gs/smf.yaml

  pfcp:
    server:
      - address: 192.168.57.113
    client:
      upf:
        - address: 192.168.58.112
6-3.u222c111:UERANSIMの設定変更
6-3-1.u222c111:UERANSIMのNW設定

NW周りの設定を変更します。

root@u222c111:~# cat /etc/netplan/00-installer-config.yaml
# This is the network config written by 'subiquity'
network:
  ethernets:
    ens33:
      addresses:
      - 192.168.11.111/24
    ens35:
      addresses:
      - 192.168.56.111/24
      routes:
      - to: 192.168.56.0/22
        via: 192.168.56.1
  version: 2

設定変更&反映後、以下のようになっていればOKです。*12

root@u222c111:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.11.0    0.0.0.0         255.255.255.0   U     0      0        0 ens33
192.168.56.0    0.0.0.0         255.255.255.0   U     0      0        0 ens35
192.168.56.0    192.168.56.1    255.255.252.0   UG    0      0        0 ens35
6-3-2.u222c111:UERANSIMのyaml設定

AMFへの接続先アドレスを変更します。
変更箇所:緑文字

vi /root/UERANSIM/config/open5gs-gnb.yaml

# List of AMF address information
amfConfigs:
  - address: 192.168.57.113
    port: 38412

7.動作確認

5.簡易動作確認と同様にターミナルA~Fが用意されている前提で記載していきます。

u222c111:UERANSIM ターミナルA gNB用
u222c111:UERANSIM ターミナルB UE用
u222c111:UERANSIM ターミナルC 通信確認用
u222c113:AMF ターミナルD AMF用
u222c113:AMF ターミナルE SMF用
u222c112:UPF ターミナルF UPF用

各インターフェース名が入った構成図を再掲しておきます。

7-1.ログ出力設定

コマンドは、5.簡易動作確認と全く同じですが再掲しておきます。

各ターミナルで、tail -fを実行しておきます。
ターミナルD:AMF

tail -f /var/log/open5gs/amf.log

ターミナルE:SMF

tail -f /var/log/open5gs/smf.log

ターミナルF:UPF

tail -f /var/log/open5gs/upf.log
7-2.gNB&UEの起動と通信確認

ターミナルAとBでgNBとUEを起動します。
ターミナルA:gNB

cd ~/UERANSIM && \
build/nr-gnb -c config/open5gs-gnb.yaml

ターミナルB:UE

cd ~/UERANSIM && \
build/nr-ue -c config/open5gs-ue.yaml

ターミナルC:通信確認
UEが正常起動したら、Default RouteのNext-Hopをuesimtun0に指定して、NATルータまで疎通確認を行います。

ip route add default dev uesimtun0

ping 192.168.33.1

次項では、各ターミナルにおける正常時の出力例を記載していきます。

7-3.起動時のログ出力例

ターミナルD:AMF

root@u222c113:~# tail -f /var/log/open5gs/amf.log 

02/02 12:38:34.152: [amf] INFO: gNB-N2 accepted[192.168.56.111]:50398 in ng-path module (../src/amf/ngap-sctp.c:113)
02/02 12:38:34.152: [amf] INFO: gNB-N2 accepted[192.168.56.111] in master_sm module (../src/amf/amf-sm.c:741)
02/02 12:38:34.156: [amf] INFO: [Added] Number of gNBs is now 1 (../src/amf/context.c:1231)
02/02 12:38:34.157: [amf] INFO: gNB-N2[192.168.56.111] max_num_of_ostreams : 10 (../src/amf/amf-sm.c:780)
02/02 12:38:41.607: [amf] INFO: InitialUEMessage (../src/amf/ngap-handler.c:401)
02/02 12:38:41.607: [amf] INFO: [Added] Number of gNB-UEs is now 1 (../src/amf/context.c:2550)
02/02 12:38:41.607: [amf] INFO:     RAN_UE_NGAP_ID[1] AMF_UE_NGAP_ID[1] TAC[1] CellID[0x10] (../src/amf/ngap-handler.c:562)
02/02 12:38:41.607: [amf] INFO: [suci-0-999-70-0000-0-0-0000000001] Unknown UE by SUCI (../src/amf/context.c:1835)
02/02 12:38:41.608: [amf] INFO: [Added] Number of AMF-UEs is now 1 (../src/amf/context.c:1616)
02/02 12:38:41.608: [gmm] INFO: Registration request (../src/amf/gmm-sm.c:1165)
02/02 12:38:41.608: [gmm] INFO: [suci-0-999-70-0000-0-0-0000000001]    SUCI (../src/amf/gmm-handler.c:166)
02/02 12:38:41.619: [sbi] INFO: [UDM] (SCP-discover) NF registered [1ac074c8-c17c-41ee-b2d4-338cf5ac6abc:1] (../lib/sbi/path.c:211)
02/02 12:38:41.621: [sbi] WARNING: [UDM] (SCP-discover) NF has already been added [1ac074c8-c17c-41ee-b2d4-338cf5ac6abc:2] (../lib/sbi/path.c:216)
02/02 12:38:41.829: [gmm] INFO: [imsi-999700000000001] Registration complete (../src/amf/gmm-sm.c:2146)
02/02 12:38:41.829: [amf] INFO: [imsi-999700000000001] Configuration update command (../src/amf/nas-path.c:612)
02/02 12:38:41.830: [gmm] INFO:     UTC [2024-02-02T03:38:41] Timezone[0]/DST[0] (../src/amf/gmm-build.c:559)
02/02 12:38:41.830: [gmm] INFO:     LOCAL [2024-02-02T12:38:41] Timezone[32400]/DST[0] (../src/amf/gmm-build.c:564)
02/02 12:38:41.830: [amf] INFO: [Added] Number of AMF-Sessions is now 1 (../src/amf/context.c:2571)
02/02 12:38:41.830: [gmm] INFO: UE SUPI[imsi-999700000000001] DNN[internet] S_NSSAI[SST:1 SD:0xffffff] smContextRef [NULL] (../src/amf/gmm-handler.c:1241)
02/02 12:38:41.830: [gmm] INFO: SMF Instance [1ad5297c-c17c-41ee-a541-7dc64ea9161c] (../src/amf/gmm-handler.c:1280)
02/02 12:38:41.843: [amf] INFO: [imsi-999700000000001:1:11][0:0:NULL] /nsmf-pdusession/v1/sm-contexts/{smContextRef}/modify (../src/amf/nsmf-handler.c:837)

ターミナルE:SMF

root@u222c113:~# tail -f /var/log/open5gs/smf.log

02/02 12:38:41.831: [smf] INFO: [Added] Number of SMF-UEs is now 1 (../src/smf/context.c:1019)
02/02 12:38:41.831: [smf] INFO: [Added] Number of SMF-Sessions is now 1 (../src/smf/context.c:3068)
02/02 12:38:41.834: [sbi] INFO: [UDM] (SCP-discover) NF registered [1ac074c8-c17c-41ee-b2d4-338cf5ac6abc:1] (../lib/sbi/path.c:211)
02/02 12:38:41.837: [smf] INFO: UE SUPI[imsi-999700000000001] DNN[internet] IPv4[10.45.0.2] IPv6[] (../src/smf/npcf-handler.c:539)
02/02 12:38:41.838: [gtp] INFO: gtp_connect() [192.168.58.112]:2152 (../lib/gtp/path.c:60)
02/02 12:38:41.843: [sbi] WARNING: [UDM] (SCP-discover) NF has already been added [1ac074c8-c17c-41ee-b2d4-338cf5ac6abc:2] (../lib/sbi/path.c:216)

ターミナルF:UPF

root@u222c112:~# tail -f /var/log/open5gs/upf.log

02/02 12:38:41.837: [upf] INFO: [Added] Number of UPF-Sessions is now 1 (../src/upf/context.c:208)
02/02 12:38:41.837: [gtp] INFO: gtp_connect() [127.0.0.4]:2152 (../lib/gtp/path.c:60)
02/02 12:38:41.837: [upf] INFO: UE F-SEID[UP:0x937 CP:0x83c] APN[internet] PDN-Type[1] IPv4[10.45.0.2] IPv6 (../src/upf/context.c:485)
02/02 12:38:41.837: [upf] INFO: UE F-SEID[UP:0x937 CP:0x83c] APN[internet] PDN-Type[1] IPv4[10.45.0.2] IPv6 (../src/upf/context.c:485)
02/02 12:38:41.840: [gtp] INFO: gtp_connect() [192.168.56.111]:2152 (../lib/gtp/path.c:60)

ターミナルA:gNB

root@u222c111:~# cd ~/UERANSIM && \
build/nr-gnb -c config/open5gs-gnb.yaml

UERANSIM v3.2.6
[2024-02-02 12:38:34.129] [sctp] [info] Trying to establish SCTP connection... (192.168.57.113:38412)
[2024-02-02 12:38:34.152] [sctp] [info] SCTP connection established (192.168.57.113:38412)
[2024-02-02 12:38:34.152] [sctp] [debug] SCTP association setup ascId[3]
[2024-02-02 12:38:34.152] [ngap] [debug] Sending NG Setup Request
[2024-02-02 12:38:34.157] [ngap] [debug] NG Setup Response received
[2024-02-02 12:38:34.158] [ngap] [info] NG Setup procedure is successful
[2024-02-02 12:38:41.605] [rrc] [debug] UE[1] new signal detected
[2024-02-02 12:38:41.606] [rrc] [info] RRC Setup for UE[1]
[2024-02-02 12:38:41.606] [ngap] [debug] Initial NAS message received from UE[1]
[2024-02-02 12:38:41.625] [ngap] [debug] Initial Context Setup Request received
[2024-02-02 12:38:41.839] [ngap] [info] PDU session resource(s) setup for UE[1] count[1]

ターミナルB:UE

root@u222c111:~# cd ~/UERANSIM && \
build/nr-ue -c config/open5gs-ue.yaml

UERANSIM v3.2.6
[2024-02-02 12:38:41.605] [nas] [info] UE switches to state [MM-DEREGISTERED/PLMN-SEARCH]
[2024-02-02 12:38:41.605] [rrc] [debug] New signal detected for cell[1], total [1] cells in coverage
[2024-02-02 12:38:41.605] [nas] [info] Selected plmn[999/70]
[2024-02-02 12:38:41.605] [rrc] [info] Selected cell plmn[999/70] tac[1] category[SUITABLE]
[2024-02-02 12:38:41.605] [nas] [info] UE switches to state [MM-DEREGISTERED/PS]
[2024-02-02 12:38:41.605] [nas] [info] UE switches to state [MM-DEREGISTERED/NORMAL-SERVICE]
[2024-02-02 12:38:41.605] [nas] [debug] Initial registration required due to [MM-DEREG-NORMAL-SERVICE]
[2024-02-02 12:38:41.605] [nas] [debug] UAC access attempt is allowed for identity[0], category[MO_sig]
[2024-02-02 12:38:41.606] [nas] [debug] Sending Initial Registration
[2024-02-02 12:38:41.606] [nas] [info] UE switches to state [MM-REGISTER-INITIATED]
[2024-02-02 12:38:41.606] [rrc] [debug] Sending RRC Setup Request
[2024-02-02 12:38:41.606] [rrc] [info] RRC connection established
[2024-02-02 12:38:41.606] [rrc] [info] UE switches to state [RRC-CONNECTED]
[2024-02-02 12:38:41.606] [nas] [info] UE switches to state [CM-CONNECTED]
[2024-02-02 12:38:41.613] [nas] [debug] Authentication Request received
[2024-02-02 12:38:41.617] [nas] [debug] Security Mode Command received
[2024-02-02 12:38:41.617] [nas] [debug] Selected integrity[2] ciphering[0]
[2024-02-02 12:38:41.626] [nas] [debug] Registration accept received
[2024-02-02 12:38:41.626] [nas] [info] UE switches to state [MM-REGISTERED/NORMAL-SERVICE]
[2024-02-02 12:38:41.626] [nas] [debug] Sending Registration Complete
[2024-02-02 12:38:41.626] [nas] [info] Initial Registration is successful
[2024-02-02 12:38:41.626] [nas] [debug] Sending PDU Session Establishment Request
[2024-02-02 12:38:41.626] [nas] [debug] UAC access attempt is allowed for identity[0], category[MO_sig]
[2024-02-02 12:38:41.830] [nas] [debug] Configuration Update Command received
[2024-02-02 12:38:41.840] [nas] [debug] PDU Session Establishment Accept received
[2024-02-02 12:38:41.840] [nas] [info] PDU Session establishment is successful PSI[1]
[2024-02-02 12:38:41.845] [app] [info] Connection setup for PDU session[1] is successful, TUN interface[uesimtun0, 10.45.0.2] is up.

ターミナルC:通信確認

root@u222c111:~# ip route add default dev uesimtun0

root@u222c111:~# ping 192.168.33.1
PING 192.168.33.1 (192.168.33.1) 56(84) bytes of data.
64 bytes from 192.168.33.1: icmp_seq=1 ttl=254 time=1.66 ms
64 bytes from 192.168.33.1: icmp_seq=2 ttl=254 time=1.63 ms
64 bytes from 192.168.33.1: icmp_seq=3 ttl=254 time=1.66 ms
^C
--- 192.168.33.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2004ms
rtt min/avg/max/mdev = 1.626/1.647/1.659/0.015 ms

<補足>
5.簡易動作確認の最後にも記載しましたが、インターネット向け通信については、NATルータ上で設定を行ってください。
ここまでの正常動作確認ができたら、Vyosを導入した構成変更後においても、5G Core内の動作が正常であることを担保できています。
UEアタッチまでのシーケンスをPcapしたファイルはこちらにアップしました。

8.動作確認:応用編

応用編として、UEを3台に増やす方法について記載します。
UE起動時のコマンドに"-n 3"を追加します。
すると、open5gs-ue.yamlに設定したIMSI:999700000000001から999700000000003まで連番にてUEを起動してくれるようになります。
なお、3-5.加入者情報(Subscriber)の登録にて、既にSubscriberが登録済みのため、UEを3台に増やすことができるようになっています。
さらに、UEを増やしたい場合には、Open5GS Web Console上で、事前にSubscriberの追加登録を行ってください。

8-1.UEの起動と通信確認

追記箇所:青文字
ターミナルB:UE

cd ~/UERANSIM && \
build/nr-ue -c config/open5gs-ue.yaml -n 3

ターミナルC:通信確認

ip route add default dev uesimtun0

<インターフェース指定によるPingcurlコマンド>
ping -I uesimtun0 192.168.33.1
ping -I uesimtun1 192.168.33.1
ping -I uesimtun2 192.168.33.1
curl --interface uesimtun0 www.google.com
curl --interface uesimtun1 www.google.com
curl --interface uesimtun2 www.google.com

<補足>
この状態でifconfigを実施すると、uesimtun0~2までTunインターフェースが生成されています。

ターミナルC:ifconfig出力例

uesimtun0: flags=369  mtu 1400
        inet 10.45.0.2  netmask 255.255.255.255  destination 10.45.0.2
        inet6 fe80::fde3:ddca:d856:1830  prefixlen 64  scopeid 0x20
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 500  (UNSPEC)
        RX packets 36  bytes 23196 (23.1 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 49  bytes 3086 (3.0 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

uesimtun1: flags=369  mtu 1400
        inet 10.45.0.3  netmask 255.255.255.255  destination 10.45.0.3
        inet6 fe80::e37c:d6c3:702f:c37e  prefixlen 64  scopeid 0x20
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 500  (UNSPEC)
        RX packets 2  bytes 168 (168.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 13  bytes 808 (808.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

uesimtun2: flags=369  mtu 1400
        inet 10.45.0.4  netmask 255.255.255.255  destination 10.45.0.4
        inet6 fe80::bf1f:4cc2:2d60:7279  prefixlen 64  scopeid 0x20
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 500  (UNSPEC)
        RX packets 2  bytes 168 (168.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 13  bytes 808 (808.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
8-2.UE複数起動時のgNBとUEのログ出力例

ターミナルA:gNB

root@u222c111:~# cd ~/UERANSIM && \
build/nr-gnb -c config/open5gs-gnb.yaml

UERANSIM v3.2.6
[2024-02-02 19:16:13.090] [sctp] [info] Trying to establish SCTP connection... (192.168.57.113:38412)
[2024-02-02 19:16:13.100] [sctp] [info] SCTP connection established (192.168.57.113:38412)
[2024-02-02 19:16:13.101] [sctp] [debug] SCTP association setup ascId[3]
[2024-02-02 19:16:13.101] [ngap] [debug] Sending NG Setup Request
[2024-02-02 19:16:13.110] [ngap] [debug] NG Setup Response received
[2024-02-02 19:16:13.110] [ngap] [info] NG Setup procedure is successful
[2024-02-02 19:16:42.062] [rrc] [debug] UE[1] new signal detected
[2024-02-02 19:16:42.063] [rrc] [debug] UE[2] new signal detected
[2024-02-02 19:16:42.063] [rrc] [debug] UE[3] new signal detected
[2024-02-02 19:16:42.068] [rrc] [info] RRC Setup for UE[1]
[2024-02-02 19:16:42.068] [rrc] [info] RRC Setup for UE[2]
[2024-02-02 19:16:42.068] [ngap] [debug] Initial NAS message received from UE[1]
[2024-02-02 19:16:42.069] [ngap] [debug] Initial NAS message received from UE[2]
[2024-02-02 19:16:42.070] [rrc] [info] RRC Setup for UE[3]
[2024-02-02 19:16:42.070] [ngap] [debug] Initial NAS message received from UE[3]
[2024-02-02 19:16:42.097] [ngap] [debug] Initial Context Setup Request received
[2024-02-02 19:16:42.098] [ngap] [debug] Initial Context Setup Request received
[2024-02-02 19:16:42.102] [ngap] [debug] Initial Context Setup Request received
[2024-02-02 19:16:42.117] [ngap] [info] PDU session resource(s) setup for UE[1] count[1]
[2024-02-02 19:16:42.118] [ngap] [info] PDU session resource(s) setup for UE[2] count[1]
[2024-02-02 19:16:42.119] [ngap] [info] PDU session resource(s) setup for UE[3] count[1]

ターミナルB:UE

root@u222c111:~# cd ~/UERANSIM && \
build/nr-ue -c config/open5gs-ue.yaml -n 3

UERANSIM v3.2.6
[2024-02-02 19:16:42.062] [999700000000002|nas] [info] UE switches to state [MM-DEREGISTERED/PLMN-SEARCH]
[2024-02-02 19:16:42.062] [999700000000001|nas] [info] UE switches to state [MM-DEREGISTERED/PLMN-SEARCH]
[2024-02-02 19:16:42.062] [999700000000003|nas] [info] UE switches to state [MM-DEREGISTERED/PLMN-SEARCH]
[2024-02-02 19:16:42.063] [999700000000002|rrc] [debug] New signal detected for cell[1], total [1] cells in coverage
[2024-02-02 19:16:42.063] [999700000000002|nas] [info] Selected plmn[999/70]
[2024-02-02 19:16:42.063] [999700000000001|rrc] [debug] New signal detected for cell[1], total [1] cells in coverage
[2024-02-02 19:16:42.063] [999700000000002|rrc] [info] Selected cell plmn[999/70] tac[1] category[SUITABLE]
[2024-02-02 19:16:42.064] [999700000000002|nas] [info] UE switches to state [MM-DEREGISTERED/PS]
[2024-02-02 19:16:42.064] [999700000000002|nas] [info] UE switches to state [MM-DEREGISTERED/NORMAL-SERVICE]
[2024-02-02 19:16:42.064] [999700000000002|nas] [debug] Initial registration required due to [MM-DEREG-NORMAL-SERVICE]
[2024-02-02 19:16:42.064] [999700000000001|nas] [info] Selected plmn[999/70]
[2024-02-02 19:16:42.064] [999700000000001|rrc] [info] Selected cell plmn[999/70] tac[1] category[SUITABLE]
[2024-02-02 19:16:42.064] [999700000000001|nas] [info] UE switches to state [MM-DEREGISTERED/PS]
[2024-02-02 19:16:42.064] [999700000000001|nas] [info] UE switches to state [MM-DEREGISTERED/NORMAL-SERVICE]
[2024-02-02 19:16:42.064] [999700000000001|nas] [debug] Initial registration required due to [MM-DEREG-NORMAL-SERVICE]
[2024-02-02 19:16:42.064] [999700000000002|nas] [debug] UAC access attempt is allowed for identity[0], category[MO_sig]
[2024-02-02 19:16:42.064] [999700000000002|nas] [debug] Sending Initial Registration
[2024-02-02 19:16:42.065] [999700000000002|nas] [info] UE switches to state [MM-REGISTER-INITIATED]
[2024-02-02 19:16:42.068] [999700000000002|rrc] [debug] Sending RRC Setup Request
[2024-02-02 19:16:42.068] [999700000000001|nas] [debug] UAC access attempt is allowed for identity[0], category[MO_sig]
[2024-02-02 19:16:42.068] [999700000000001|nas] [debug] Sending Initial Registration
[2024-02-02 19:16:42.068] [999700000000001|rrc] [debug] Sending RRC Setup Request
[2024-02-02 19:16:42.068] [999700000000001|nas] [info] UE switches to state [MM-REGISTER-INITIATED]
[2024-02-02 19:16:42.068] [999700000000002|rrc] [info] RRC connection established
[2024-02-02 19:16:42.068] [999700000000002|rrc] [info] UE switches to state [RRC-CONNECTED]
[2024-02-02 19:16:42.068] [999700000000002|nas] [info] UE switches to state [CM-CONNECTED]
[2024-02-02 19:16:42.069] [999700000000003|rrc] [debug] New signal detected for cell[1], total [1] cells in coverage
[2024-02-02 19:16:42.069] [999700000000001|rrc] [info] RRC connection established
[2024-02-02 19:16:42.069] [999700000000001|rrc] [info] UE switches to state [RRC-CONNECTED]
[2024-02-02 19:16:42.069] [999700000000001|nas] [info] UE switches to state [CM-CONNECTED]
[2024-02-02 19:16:42.069] [999700000000003|nas] [info] Selected plmn[999/70]
[2024-02-02 19:16:42.069] [999700000000003|rrc] [info] Selected cell plmn[999/70] tac[1] category[SUITABLE]
[2024-02-02 19:16:42.069] [999700000000003|nas] [info] UE switches to state [MM-DEREGISTERED/PS]
[2024-02-02 19:16:42.069] [999700000000003|nas] [info] UE switches to state [MM-DEREGISTERED/NORMAL-SERVICE]
[2024-02-02 19:16:42.069] [999700000000003|nas] [debug] Initial registration required due to [MM-DEREG-NORMAL-SERVICE]
[2024-02-02 19:16:42.069] [999700000000003|nas] [debug] UAC access attempt is allowed for identity[0], category[MO_sig]
[2024-02-02 19:16:42.069] [999700000000003|nas] [debug] Sending Initial Registration
[2024-02-02 19:16:42.069] [999700000000003|nas] [info] UE switches to state [MM-REGISTER-INITIATED]
[2024-02-02 19:16:42.069] [999700000000003|rrc] [debug] Sending RRC Setup Request
[2024-02-02 19:16:42.070] [999700000000003|rrc] [info] RRC connection established
[2024-02-02 19:16:42.070] [999700000000003|rrc] [info] UE switches to state [RRC-CONNECTED]
[2024-02-02 19:16:42.070] [999700000000003|nas] [info] UE switches to state [CM-CONNECTED]
[2024-02-02 19:16:42.076] [999700000000002|nas] [debug] Authentication Request received
[2024-02-02 19:16:42.080] [999700000000001|nas] [debug] Authentication Request received
[2024-02-02 19:16:42.080] [999700000000003|nas] [debug] Authentication Request received
[2024-02-02 19:16:42.082] [999700000000002|nas] [debug] Security Mode Command received
[2024-02-02 19:16:42.082] [999700000000002|nas] [debug] Selected integrity[2] ciphering[0]
[2024-02-02 19:16:42.084] [999700000000001|nas] [debug] Security Mode Command received
[2024-02-02 19:16:42.084] [999700000000001|nas] [debug] Selected integrity[2] ciphering[0]
[2024-02-02 19:16:42.086] [999700000000003|nas] [debug] Security Mode Command received
[2024-02-02 19:16:42.086] [999700000000003|nas] [debug] Selected integrity[2] ciphering[0]
[2024-02-02 19:16:42.098] [999700000000002|nas] [debug] Registration accept received
[2024-02-02 19:16:42.098] [999700000000002|nas] [info] UE switches to state [MM-REGISTERED/NORMAL-SERVICE]
[2024-02-02 19:16:42.098] [999700000000002|nas] [debug] Sending Registration Complete
[2024-02-02 19:16:42.098] [999700000000002|nas] [info] Initial Registration is successful
[2024-02-02 19:16:42.098] [999700000000002|nas] [debug] Sending PDU Session Establishment Request
[2024-02-02 19:16:42.098] [999700000000002|nas] [debug] UAC access attempt is allowed for identity[0], category[MO_sig]
[2024-02-02 19:16:42.098] [999700000000001|nas] [debug] Registration accept received
[2024-02-02 19:16:42.098] [999700000000001|nas] [info] UE switches to state [MM-REGISTERED/NORMAL-SERVICE]
[2024-02-02 19:16:42.098] [999700000000001|nas] [debug] Sending Registration Complete
[2024-02-02 19:16:42.098] [999700000000001|nas] [info] Initial Registration is successful
[2024-02-02 19:16:42.098] [999700000000001|nas] [debug] Sending PDU Session Establishment Request
[2024-02-02 19:16:42.098] [999700000000001|nas] [debug] UAC access attempt is allowed for identity[0], category[MO_sig]
[2024-02-02 19:16:42.103] [999700000000003|nas] [debug] Registration accept received
[2024-02-02 19:16:42.103] [999700000000003|nas] [info] UE switches to state [MM-REGISTERED/NORMAL-SERVICE]
[2024-02-02 19:16:42.103] [999700000000003|nas] [debug] Sending Registration Complete
[2024-02-02 19:16:42.103] [999700000000003|nas] [info] Initial Registration is successful
[2024-02-02 19:16:42.103] [999700000000003|nas] [debug] Sending PDU Session Establishment Request
[2024-02-02 19:16:42.103] [999700000000003|nas] [debug] UAC access attempt is allowed for identity[0], category[MO_sig]
[2024-02-02 19:16:42.103] [999700000000002|nas] [debug] Configuration Update Command received
[2024-02-02 19:16:42.103] [999700000000001|nas] [debug] Configuration Update Command received
[2024-02-02 19:16:42.104] [999700000000003|nas] [debug] Configuration Update Command received
[2024-02-02 19:16:42.118] [999700000000002|nas] [debug] PDU Session Establishment Accept received
[2024-02-02 19:16:42.118] [999700000000002|nas] [info] PDU Session establishment is successful PSI[1]
[2024-02-02 19:16:42.120] [999700000000003|nas] [debug] PDU Session Establishment Accept received
[2024-02-02 19:16:42.120] [999700000000003|nas] [info] PDU Session establishment is successful PSI[1]
[2024-02-02 19:16:42.121] [999700000000001|nas] [debug] PDU Session Establishment Accept received
[2024-02-02 19:16:42.121] [999700000000001|nas] [info] PDU Session establishment is successful PSI[1]
[2024-02-02 19:16:42.127] [999700000000002|app] [info] Connection setup for PDU session[1] is successful, TUN interface[uesimtun0, 10.45.0.2] is up.
[2024-02-02 19:16:42.135] [999700000000001|app] [info] Connection setup for PDU session[1] is successful, TUN interface[uesimtun1, 10.45.0.3] is up.
[2024-02-02 19:16:42.141] [999700000000003|app] [info] Connection setup for PDU session[1] is successful, TUN interface[uesimtun2, 10.45.0.4] is up.

以上です。

9.最後に

以下のサイトを参考にさせて頂きました。
Open5GS | Open5GS is a C-language implementation of 5G Core and EPC, i.e. the core network of NR/LTE network (Release-17)
GitHub - s5uishida/open5gs_5gc_ueransim_sample_config: Open5GS 5GC & UERANSIM UE / RAN Sample Configuration

何よりも「aptコマンドで5G Coreがインストールできちゃうんだ!」ということが、驚きと感動で震えました。
Open5GSの開発者やコントリビュータの方々に、ただひたすら感謝しています。

4年前は、ビルドが必須だったり、ビルドするとターミナル画面が文字化けして、画面を閉じないと先に進めなかったりしていました。
さらに、仮想マシンではPingは通るけどRTTが不安定だったりしました。
このため、Low Latency Kernelで動作させるべく、物理マシンを用意して、Linux Kernelのビルドからやっていました。

今後もこの分野はさらに発展していくと思うので、5Gの動向にアンテナを張りつつ、技術をより深化させ精進していきたいと思います。

*1:分離といっても、仮想マシンをクローンするだけです。

*2:UPFとそれ以外のNFに分離します。

*3:パケット転送をするなどNW周りの設定がポイントになるためです

*4:公式のQuickstartや関連ブログなど

*5:NAPT無しで全ての動作確認が成功した後、最後にNAPTかければよくないですか?と思っています。NAPTをかけることが目的ではないので。

*6:4G関連サービスは、Open5GSのインストール時に自動起動設定が行われています。

*7:DNSサーバアドレス設定については、/etc/resolv.confを直接変更しても意味がないなど諸説あるのですが、実体は/run/systemd/resolve/resolv.confの値が、設定した値8.8.8.8になっていればOKです。ただし、/run/systemd/resolve/resolv.confを直接変更するのはダメなようです。

*8:主にAMF, SMFですが、その他の5GCore NF(例えば、NRFとかPCFなど)も含まれます。

*9:仮想環境における低レイヤ周りの技術は極めて極めて重要なのですが、VMWare WorkstationやESXi、VBox、KVMなど環境によって異なるため詳細は割愛します。掘り下げると数本分のブログ内容に発展するためです。

*10:Routingを行うためにプラスして、N2, N3, N4間通信をPcapするためでもあります。

*11:10.45.0.xのUE IPは、GTP-Uトンネル内のInnerIPのため、Vyos上ではRouting対象になりません。

*12:192.168.56.0のPrefixが2つ存在していますが、ロンゲストマッチが効くので問題ありません。