* [MME] Introduce aging timers
* Creating three new timers
* mirroring work done by gstaa on the AMF
* Implicit detach procedures added
* Fix for detach from unknown UE
* no Purge Timer, no config, expanded code
o Generate the private key as below.
$ openssl genpkey -algorithm X25519 -out /etc/open5gs/hnet/curve25519-1.key
$ openssl ecparam -name prime256v1 -genkey -conv_form compressed -out /etc/open5gs/hnet/secp256r1-2.key
o The private and public keys can be viewed with the command.
The public key is used when creating the SIM.
$ openssl pkey -in /etc/open5gs/hnet/curve25519-1.key -text
$ openssl ec -in /etc/open5gs/hnet/secp256r1-2.key -conv_form compressed -text
In ausf/udm.yaml
hnet:
o Home network public key identifier(PKI) value : 1
Protection scheme identifier : ECIES scheme profile A
- id: 1
scheme: 1
key: /etc/open5gs/hnet/curve25519-1.key
o Home network public key identifier(PKI) value : 2
Protection scheme identifier : ECIES scheme profile B
- id: 2
scheme: 2
key: /etc/open5gs/hnet/secp256r1-2.key
o Home network public key identifier(PKI) value : 3
Protection scheme identifier : ECIES scheme profile A
- id: 3
scheme: 1
key: /etc/open5gs/hnet/curve25519-1.key
o Home network public key identifier(PKI) value : 4
Protection scheme identifier : ECIES scheme profile B
- id: 4
scheme: 2
key: /etc/open5gs/hnet/secp256r1-2.key
Related to #1779
Expose metrics with labels according to ETSI TS 128 552 V16.13.0 in
PCF by using hash.
The metrics are named respecting the rule:
<generation>_<measurement_object_class>_<measurement_family_name>_<metric_name_as_in_TS_128_552>
Since slice itself is not unique, the plmnid label is exposed in
addition to snssai.
AM policy:
fivegs_pcffunction_pa_policyamassoreq and
fivegs_pcffunction_pa_policyamassosucc do not expose snssai label
since it is not available at the time of exposure.
plmnid is defined during AM policy processing, so not to lose the
difference to ...succ, the basic metric
fivegs_pcffunction_pa_policyamassoreq is preserved.
SM policy:
snssai is defined during SM policy processing, so not to lose the
difference to ...succ, the basic metric
fivegs_pcffunction_pa_policysmassoreq is preserved.
Those 2 basic metrics retain their position but are exposed with empty
labels.
Metrics with labels are called later, when the label values are known.
Exposed metrics example:
-standard counters:
fivegs_pcffunction_pa_policyamassoreq{plmnid=""} 3
fivegs_pcffunction_pa_policyamassoreq{plmnid="99970"} 3
fivegs_pcffunction_pa_policyamassosucc{plmnid="99970"} 3
fivegs_pcffunction_pa_policysmassoreq{plmnid="",snssai=""} 3
fivegs_pcffunction_pa_policysmassoreq{plmnid="99970",snssai="1000009"} 3
fivegs_pcffunction_pa_policysmassosucc{plmnid="99970",snssai="1000009"} 3
-nonstandard gauge (added for controlling purposes -
same metric as existing metric on AMF and SMF):
fivegs_pcffunction_pa_sessionnbr{plmnid="99970",snssai="1000009"} 0
Expose metrics with labels according to ETSI TS 128 552 V16.13.0 in
UPF by using hash.
The metrics are named respecting the rule:
<generation>_<measurement_object_class>_<measurement_family_name>_<metric_name_as_in_TS_128_552>
5qi is not available in UPF.
To present 5qi to the user, MN will have to maintain a table qfi->5qi
for each QoS flow (will have to get information from SMF).
So UPF has to expose qfi. qfi itself is not useful. When used, UPF will
have to expose additional label to define the session (e.g. source
interface).
Label dnn is set to value of APN/DNN received in Establishment.
Since SMF does not add APN/DNN to Establishment, the label is empty.
When APN/DNN will be set by SMF, it should be added to sess in UPF
and used in metrics on Modification and Deletion.
Both datavolumeqosleveln3upf are exposed in bytes.
MN is providing the transformation to kbits.
fivegs_upffunction_upf_qosflows should expose the number of QFIs used in
sessions, but exposes number of QER rules, which is currently equal to
QFIs.
The label snsssai is not provided since the slice is not available on UPF.
Exposed metrics example:
Standard counters:
fivegs_ep_n3_gtp_indatapktn3upf 28637
fivegs_ep_n3_gtp_outdatapktn3upf 14729
fivegs_upffunction_sm_n4sessionestabreq 4
fivegs_upffunction_sm_n4sessionestabfail{cause="66"} 1
fivegs_upffunction_sm_n4sessionestabfail{cause="71"} 68
fivegs_upffunction_sm_n4sessionestabfail{cause="68"} 4
fivegs_upffunction_sm_n4sessionestabfail{cause="72"} 15
fivegs_upffunction_sm_n4sessionestabfail{cause="75"} 3
fivegs_upffunction_sm_n4sessionestabfail{cause="65"} 4
fivegs_upffunction_sm_n4sessionreport 0
fivegs_upffunction_sm_n4sessionreportsucc 0
fivegs_ep_n3_gtp_indatavolumeqosleveln3upf{qfi="1"} 39792997
fivegs_ep_n3_gtp_outdatavolumeqosleveln3upf{qfi="1"} 737548
Nonstandard gauge (added for controlling purposes -
same metric as existing metric on AMF and SMF):
fivegs_upffunction_upf_sessionnbr 1
Standard gauge:
fivegs_upffunction_upf_qosflows{dnn=""} 1
Without this change, using metrics with core setup configurations
(configs/vonr.yaml for example) would not be possible. Having one
metrics section for whole config file causes every NF to start metrics
server on same port causing an abort.
* [HSS] Enable Change Streams
* Enable Events and Timers in HSS
* Integrate change streams in dbi
* mongodb should be configured with replica sets enabled to use feature
* Change streams are optional in HSS
* Timer will poll change stream for changes in the database
* As changes are detected, event is created to perform the correct
action
* Changes made as suggested
== Known limitation ==
Placing npcf-smpolicycontrol and pcf-policyauthorization
in different NFs is not supported. Both npcf-smpolicycontrol
and pcf-policyauthorization should be placed in the same NF.
* configs: use proper default IP address for metrics server
Let's use the IP address assigned to each process by default when
configuring the HTTP Prometheus server. Otherwise having several
processes listening on 0.0.0.0 cause collisions.
* configs: mme.yaml: Fix trailing whitespace
* Initial metrics support based on Prometheus
This commit introduces initial support for metrics in open5gs.
The metrics code is added as libogsmetrics (lib/metrics/), with a well
defined opaque API to manage different types of metrics, allowing for
different implementations for different technologies to scrap the
metrics (placed as lib/metrics/<impl>/. The implementation is right now
selected at build time, in order to be able to opt-out the related dependencies
for users not interested in the features. 2 implementations are already
provided in this commit to start with:
* void: Default implementation. Empty stubs, acts as a NOOP.
* prometheus: open5gs processes become Prometheus servers, offering
states through an http server to the Prometheus scrappers. Relies on
libprom (prometheus-client-ci [1] project) to track the metrics and format
them during export, and libmicrohttpd to make the export possible through
HTTP.
[1] https://github.com/digitalocean/prometheus-client-c
The prometheus-client-c is not well maintained nowadays in upstream, and
furthermore it uses a quite peculiar mixture of build systems (autolib
on the main dir, cmake for libprom in a subdir). This makes it difficult
to have it widely available in distros, and difficult to find it if it
is installed in the system. Hence, the best is to include it as a
meson subproject like we already do for freeDiameter. An open5gs fork is
requried in order to have an extra patch adding a top-level
CMakeList.txt in order to be able to includ eit from open5gs's meson
build. Furthermore, this allows adding bugfixes to the subproject if any
are found in the future.
* [SMF] Initial metrics support
* [SMF] Add metrics at gtp_node level
* docs: Add tutorial documenting metrics with Prometheus
The use of the Gy interface (SMF acting as CTF towards an OCS node) is
mandated through configuration file. Default value "enable: auto" will
only make use of it in case a Diameter peer announcing support for the
Credit-Control Application is found.
Upon subscriber session creation, and after auth check over Gx, the SMF
will create a Gy session with the OCS and only after that step the SMF
will accept the session back to the subscriber.
The OCS may then grant some traffic volumes/time and ask to be notified
back with updated measurements.
In order to get the measurements, the SMF relies on PFCP URR configured
to the UPF through Session Repoort Request messages.
When closing the subscriber session, the SMF will also terminate the Gy
session at the OCS.
So far only some specifics parts of the Gy interface as well as the PFCP
side are implemented. Those should be enough to at least have
volume/time thresholds granted by the OCS, which then will be able to
track subsriber resource use.
This patch doesn't implement the OCS side of the Gy interface, that's
left as a future exercise. The interface was tested using an OCS
emulator implemented in TTCN-3 [1]
[1] https://cgit.osmocom.org/osmo-ttcn3-hacks/
* Fix conversion from IPFilterRule to packet filter
As per 3GPP TS 24.008, following Packet filter component type identifier
are not supported on the LTE pre release-11 UEs:
IPv4 local address type
IPv6 remote address/prefix length type
IPv6 local address/prefix length type
And,
IPv6 remote address/prefix length type and
IPv6 local address/prefix length type shall be used when both MS and
Network support Local Address in TFTs.
This commit add logic to omit adding local address in packet filters
for compatibility with pre-release LTE 11 devices. The following parameter
could be used to toggle omit/no to omit behavior.
parameter:
no_ipv4v6_local_addr_in_packet_filter: <true/false>
* Remove logic of supporting pre-release LTE 11 devices in PCRF
* [configs] Remove requires systemd-networkd dep from smfd service
The smf no longer has (never had?) a dependency on systemd-networkd,
and can start and remain operational without systemd-networkd
specifically running.
* [configs] Relax upf dependency on systemd-networkd
The upf relies on systemd-networkd to create the ogstun interface, but
does not communicate with it at runtime. It currently has a "Requires"
dependency specified, which means that the upf will be stopped if
systemd-networkd is ever stopped. Since the upf doesn't actually care
if systemd-networkd is later stopped after ogstun is created, it can
use the weaker "Wants" dependency type, which allows it to keep
running even if systemd-networkd were to be stopped.
Regardless, since it does rely on systemd-networkd specifically to
create the ogstun interface, it should sequence itself "After"
systemd-networkd has been started.
Since the true dependency is ogstun, not systemd-networkd, a cleaner
approach would depend on the specific tunnel device being
available. Systemd exposes this information via device units, but I'm
not sure if they are always consistently named across platforms.
* [configs] Do not require ogstun for system online
Systemd-networkd will wait for all managed interfaces to be configured
before determining the system is online. Since the ogstun and upf are
more logically an application rather than a system networking service,
don't wait for them to be configured by default.
This breaks the circular dependency between the userspace cellular
core network services and the system's network, which will allow the
cellular core network services to sequence themselves cleanly after
the system's network is up and configured.
* [configs] Sequence network-dependent units after network-online
Since open5gs targets platforms with both ifupdown (debian) and
systemd-networkd (Ubuntu) as core networking providers, this commit
sequences network-dependent core network components after the generic
network-online.target instead of one of the specific provider
targets. This allows the core network to operate correctly with both
systemd-networkd and ifupdown (networking), and fixes the issue
observed in https://github.com/open5gs/open5gs/issues/826 where some
platforms may fail to start cleanly.
