diff --git a/docs/_docs/guide/04-setting-up-kamailio-IMS.md b/docs/_docs/guide/04-VoLTE-setup.md similarity index 52% rename from docs/_docs/guide/04-setting-up-kamailio-IMS.md rename to docs/_docs/guide/04-VoLTE-setup.md index 01a5414bd..203c7f68e 100644 --- a/docs/_docs/guide/04-setting-up-kamailio-IMS.md +++ b/docs/_docs/guide/04-VoLTE-setup.md @@ -1,9 +1,14 @@ --- -title: Setting up Kamailio IMS +title: VoLTE Setup with Kamailio IMS and Open5gs head_inline: "" --- -Setting up Kamailio IMS in OpenStack VM and connecting P-CSCF of Kamailio IMS with PCRF of Open5GS (Running on another OpenStak VM) - Install from deb packages +Setup description: +- MCC: 001, MNC: 01 +- Single OpenStack VM with Kamailio IMS and Open5gs (Internal IP 10.4.128.21 and Floating IP 172.24.15.30) +- 4G Casa Smallcell +- Sysmocom USIM - sysmoUSIM-SJS1 +- Oneplus 5 as UE {: .blue} @@ -35,167 +40,90 @@ $ apt update && apt upgrade -y && apt install -y mysql-server tcpdump screen ntp libssl-dev libcurl4-openssl-dev libxml2-dev libpcre3-dev bash-completion g++ autoconf rtpproxy libmnl-dev libsctp-dev ipsec-tools ``` -#### 4. Install all required Kamailio packages (v5.2) +#### 4. Clone Kamailio repository and checkout 5.2 version of repository ``` -$ wget -O- http://deb.kamailio.org/kamailiodebkey.gpg | sudo apt-key add - -$ add-apt-repository 'deb http://deb.kamailio.org/kamailio52 bionic main' -$ apt install -y kamailio kamailio-mysql-modules kamailio-ims-modules kamailio-presence-modules kamailio-tls-modules kamailio-xml-modules kamailio-xmlrpc-modules -``` - -#### 5. Clone Kamailio repository and checkout 5.2 version of repository - -``` -$ mkdir -p /usr/local/src/kamailio-5.2 -$ cd /usr/local/src/kamailio-5.2/ -$ git clone git://git.kamailio.org/kamailio kamailio +$ mkdir -p /usr/local/src/ +$ cd /usr/local/src/ +$ git clone https://github.com/herlesupreeth/kamailio $ cd kamailio $ git checkout -b 5.2 origin/5.2 ``` -#### 6. Setup the DNS for resolving IMS components names +#### 5. Generate build config files ``` -$ apt install -y bind9 +$ cd /usr/local/src/kamailio +$ make cfg ``` -Use the below example DNS Zone file to create a DNS Zone file in the /etc/bind folder and -edit /etc/bind/named.conf.local, /etc/bind/named.conf.options accordingly: +#### 6. Enable MySQL module and all required IMS modules. Edit modules.lst file present at /usr/local/src/kamailio/src + +The contents of modules.lst should be as follows: ``` -$ cd /etc/bind -$ vim mnc096.mcc262.3gppnetwork.org +# this file is autogenerated by make modules-cfg + +# the list of sub-directories with modules +modules_dirs:=modules + +# the list of module groups to compile +cfg_group_include= + +# the list of extra modules to compile +include_modules= cdp cdp_avp db_mysql dialplan ims_auth ims_charging ims_dialog ims_diameter_server ims_icscf ims_ipsec_pcscf ims_isc ims_ocs ims_qos ims_registrar_pcscf ims_registrar_scscf ims_usrloc_pcscf ims_usrloc_scscf outbound presence presence_conference presence_dialoginfo presence_mwi presence_profile presence_reginfo presence_xml pua pua_bla pua_dialoginfo pua_reginfo pua_rpc pua_usrloc pua_xmpp sctp tls utils xcap_client xcap_server xmlops xmlrpc + +# the list of static modules +static_modules= + +# the list of modules to skip from compile list +skip_modules= + +# the list of modules to exclude from compile list +exclude_modules= acc_json acc_radius app_java app_lua app_lua_sr app_mono app_perl app_python app_python3 app_ruby auth_ephemeral auth_identity auth_radius cnxcc cplc crypto db2_ldap db_berkeley db_cassandra db_mongodb db_oracle db_perlvdb db_postgres db_redis db_sqlite db_unixodbc dnssec erlang evapi geoip geoip2 gzcompress h350 http_async_client http_client jansson janssonrpcc json jsonrpcc kafka kazoo lcr ldap log_systemd lost memcached misc_radius ndb_cassandra ndb_mongodb ndb_redis nsq osp peering phonenum pua_json rabbitmq regex rls rtp_media_server snmpstats systemdops topos_redis uuid websocket xhttp_pi xmpp $(skip_modules) + +modules_all= $(filter-out modules/CVS,$(wildcard modules/*)) +modules_noinc= $(filter-out $(addprefix modules/, $(exclude_modules) $(static_modules)), $(modules_all)) +modules= $(filter-out $(modules_noinc), $(addprefix modules/, $(include_modules) )) $(modules_noinc) +modules_configured:=1 ``` -In the below example: Kamailio IMS & DNS server running at 10.4.128.7/172.24.15.21 (Floating IP) and PCRF at 10.4.128.11/172.24.15.3 (Floating IP) + +#### 7. Compile and install Kamailio ``` -$ORIGIN mnc096.mcc262.3gppnetwork.org. -$TTL 1W -@ 1D IN SOA localhost. root.localhost. ( - 1 ; serial - 3H ; refresh - 15M ; retry - 1W ; expiry - 1D ) ; minimum - - 1D IN NS ns -ns 1D IN A 10.4.128.7 - -pcscf 1D IN A 10.4.128.7 -_sip._udp.pcscf 1D SRV 0 0 5060 pcscf -_sip._tcp.pcscf 1D SRV 0 0 5060 pcscf - -icscf 1D IN A 10.4.128.7 -_sip._udp 1D SRV 0 0 4060 icscf -_sip._tcp 1D SRV 0 0 4060 icscf -_sip._udp.ims 1D SRV 0 0 4060 icscf -_sip._tcp.ims 1D SRV 0 0 4060 icscf - -scscf 1D IN A 10.4.128.7 -_sip._udp.scscf 1D SRV 0 0 6060 scscf -_sip._tcp.scscf 1D SRV 0 0 6060 scscf - -hss 1D IN A 10.4.128.7 -pcrf 1D IN A 10.4.128.11 +$ cd /usr/local/src/kamailio +$ make Q=0 all | tee make_all.txt +$ make install | tee make_install.txt +$ ldconfig ``` -Edit /etc/bind/named.conf.local file as follows: +The binaries and executable scripts are installed in: /usr/local/sbin -``` -// -// Do any local configuration here -// +kamailio - Kamailio SIP server +kamdbctl - script to create and manage the Databases +kamctl - script to manage and control Kamailio SIP server +kamcmd - CLI - command line tool to interface with Kamailio SIP server -// Consider adding the 1918 zones here, if they are not used in your -// organization -//include "/etc/bind/zones.rfc1918"; +To be able to use the binaries from command line, make sure that '/usr/local/sbin' is set in PATH environment variable. +You can check that with 'echo $PATH'. If not and you are using 'bash', open '/root/.bash_profile' and at the end add: + PATH=$PATH:/usr/local/sbin + export PATH -zone "mnc096.mcc262.3gppnetwork.org" { - type master; - file "/etc/bind/mnc096.mcc262.3gppnetwork.org"; -}; -``` +Kamailio modules are installed at: +/usr/local/lib64/kamailio/modules -Edit /etc/bind/named.conf.options file as follows: +The documentation and readme files are installed at: +/usr/local/share/doc/kamailio/ -``` -options { - directory "/var/cache/bind"; +The configuration files are installed at: +/usr/local/etc/kamailio - // If there is a firewall between you and nameservers you want - // to talk to, you may need to fix the firewall to allow multiple - // ports to talk. See http://www.kb.cert.org/vuls/id/800113 +In case you set the PREFIX variable in 'make cfg' command, then replace /usr/local in all paths above with the value of PREFIX in order to locate the files installed. - // If your ISP provided one or more IP addresses for stable - // nameservers, you probably want to use them as forwarders. - // Uncomment the following block, and insert the addresses replacing - // the all-0's placeholder. +#### 8. Populate MySQL database using kamctlrc command - forwarders { - // Put here the IP address of other DNS server which could be used if name cannot be resolved with DNS server running in this machine - 10.4.128.2; - }; - - //======================================================================== - // If BIND logs error messages about the root key being expired, - // you will need to update your keys. See https://www.isc.org/bind-keys - //======================================================================== - dnssec-validation no; - allow-query { localhost; }; - - auth-nxdomain no; # conform to RFC1035 - //listen-on-v6 { any; }; -}; -``` - -``` -$ systemctl restart bind9 -``` - -Then, test DNS resolution by adding following entries on top of all other entries in /etc/resolv.conf. - -search mnc096.mcc262.3gppnetwork.org -nameserver 10.4.128.7 - -Finally, ping to ensure - -$ ping pcscf -PING pcscf.mnc096.mcc262.3gppnetwork.org (10.4.128.7) 56(84) bytes of data. -64 bytes from localhost (10.4.128.7): icmp_seq=1 ttl=64 time=0.017 ms -64 bytes from localhost (10.4.128.7): icmp_seq=2 ttl=64 time=0.041 ms - -To make changes in /etc/resolv.conf be persistent across reboot edit the /etc/netplan/50-cloud-init.yaml file as follows: - -``` -# This file is generated from information provided by -# the datasource. Changes to it will not persist across an instance. -# To disable cloud-init's network configuration capabilities, write a file -# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following: -# network: {config: disabled} -network: - version: 2 - ethernets: - ens3: - dhcp4: true - match: - macaddress: fa:16:3e:99:f5:67 - set-name: ens3 - nameservers: - search: [mnc096.mcc262.3gppnetwork.org] - addresses: - - 10.4.128.7 -``` - -``` -$ netplan apply -$ ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf -$ systemctl restart systemd-resolved.service -``` - -#### 7. Populate MySQL database using kamctlrc command - -Edit SIP_DOMAIN and DBENGINE in the /etc/kamailio/kamctlrc configuration file (Used by kamctl and kamdbctl tools). +Edit SIP_DOMAIN and DBENGINE in the /usr/local/etc/kamailio/kamctlrc configuration file (Used by kamctl and kamdbctl tools). Set the SIP_DOMAIN to your SIP service domain (or IP address if you don't have a DNS hostname associated with your SIP service). Set the DBENGINE to be MYSQL and adjust other setting as you want. Finally, uncomment both SIP_DOMAIN and DBENGINE. @@ -203,7 +131,7 @@ Set the DBENGINE to be MYSQL and adjust other setting as you want. Finally, unco In example above, the following values are set for SIP_DOMAIN and DBENGINE ``` -SIP_DOMAIN=mnc096.mcc262.3gppnetwork.org +SIP_DOMAIN=ims.mnc001.mcc001.3gppnetwork.org DBENGINE=MYSQL ``` @@ -233,7 +161,7 @@ The kamdbctl will add two users in MySQL user tables: - kamailioro - (with default password 'kamailioro') - user which has read-only access rights to 'kamailio' database ``` -#### 8. Edit /etc/default/rtpproxy file as follows: +#### 9. Edit /etc/default/rtpproxy file as follows: ``` # Defaults for rtpproxy @@ -241,10 +169,11 @@ The kamdbctl will add two users in MySQL user tables: # The control socket. #CONTROL_SOCK="unix:/var/run/rtpproxy/rtpproxy.sock" # To listen on an UDP socket, uncomment this line: -CONTROL_SOCK=udp:127.0.0.1:22222 +#CONTROL_SOCK=udp:127.0.0.1:22222 +CONTROL_SOCK=udp:127.0.0.1:7722 # Additional options that are passed to the daemon. -EXTRA_OPTS="-l 172.24.15.21 -d DBUG:LOG_LOCAL0" +EXTRA_OPTS="-l 172.24.15.30 -d DBUG:LOG_LOCAL0" ``` here, `-l ` @@ -255,7 +184,7 @@ Then run, $ systemctl restart rtpproxy ``` -#### 9. Edit configuration file to fit your requirements for the VoIP platform, you have to edit the /etc/kamailio/kamailio.cfg configuration file +#### 10. Edit configuration file to fit your requirements for the VoIP platform, you have to edit the /usr/local/etc/kamailio/kamailio.cfg configuration file Follow the instruction in the comments to enable usage of MySQL. Basically you have to add several lines at the top of config file, like: @@ -263,29 +192,80 @@ Follow the instruction in the comments to enable usage of MySQL. Basically you h #!define WITH_MYSQL #!define WITH_AUTH #!define WITH_USRLOCDB -#!define WITH_NAT (Include this if client and/or SIP server is behind a NAT) +#!define WITH_NAT + +(uncomment this line) +auto_aliases=no (uncomment this line and enter the DNS domain created above) -alias="mnc096.mcc262.3gppnetwork.org" +alias="ims.mnc001.mcc001.3gppnetwork.org" -(uncomment this line, 10.4.128.7 is the internal IP and 172.24.15.21 is the Public/Floating IP) -listen=udp:10.4.128.7:5060 advertise 172.24.15.21:5060 -``` +(uncomment this line, 10.4.128.21 is the internal IP and 172.24.15.30 is the Public/Floating IP) +listen=udp:10.4.128.21:5060 advertise 172.24.15.30:5060 +listen=tcp:10.4.128.21:5060 advertise 172.24.15.30:5060 -Further down, we will need to modify the rtpproxy_sock value to match the CONTROL_SOCK option we set for RTPProxy in /etc/default/rtpproxy -``` -modparam("rtpproxy", "rtpproxy_sock", "udp:127.0.0.1:22222") +(Further down, we will need to modify the rtpproxy_sock value to match the CONTROL_SOCK option we set for RTPProxy in /etc/default/rtpproxy) +modparam("rtpproxy", "rtpproxy_sock", "udp:127.0.0.1:7722") ``` If you changed the password for the 'kamailio' user of MySQL, you have to update the value for 'DBURL' parameters. -#### 10. Run Kamailio SIP server +#### 11. The init.d script + +The init.d script can be used to start/stop the Kamailio server in a nicer way. A sample of init.d script for Kamailio is provided at: +/usr/local/src/kamailio/pkg/kamailio/deb/debian/kamailio.init + +Just copy the init file into the /etc/init.d/kamailio. Then change the permissions: ``` -$ systemctl start kamailio +$ cp /usr/local/src/kamailio/pkg/kamailio/deb/bionic/kamailio.init /etc/init.d/kamailio +$ chmod 755 /etc/init.d/kamailio ``` -#### 11. A quick check for the basic working of SIP server can be done as follows: +then edit the /etc/init.d/kamailio file updating the $DAEMON and $CFGFILE values: + +``` +PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin +DAEMON=/usr/local/sbin/kamailio +CFGFILE=/usr/local/etc/kamailio/kamailio.cfg +``` + +You need to setup a configuration file in the /etc/default/ directory. This file can be found at: +/usr/local/src/kamailio/pkg/kamailio/deb/bionic/kamailio.default + +You need to rename the /etc/default/kamailio file to 'kamailio' after you've copied it. +Then edit this file and set RUN_KAMAILIO=yes. Edit the other options as per your setup. + +``` +$ cp /usr/local/src/kamailio/pkg/kamailio/deb/bionic/kamailio.default /etc/default/kamailio +$ systemctl daemon-reload +``` + +Create the directory for pid file: + +``` +$ mkdir -p /var/run/kamailio +``` + +Default setting is to run Kamailio as user kamailio and group kamailio. For that you need to create the user and set ownership + +``` +$ adduser --quiet --system --group --disabled-password \ + --shell /bin/false --gecos "Kamailio" \ + --home /var/run/kamailio kamailio +$ chown kamailio:kamailio /var/run/kamailio +``` + +Then you can start Kamailio using the following commands: + +``` +$ systemctl start kamailio.service +``` + +check running processes with: ps axw | egrep kamailio + + +#### 12. A quick check for the basic working of SIP server can be done as follows: Create new subscriber accounts. A new account can be added using `kamctl` tool via `kamctl add ` (When asked for entering MySQL password for user 'kamailio@localhost': type 'kamailiorw', as provided in kamailio.cfg) @@ -307,10 +287,10 @@ In Phone 1: ``` Username: test Password: testpasswd -Server: mnc096.mcc262.3gppnetwork.org (Created DNS Domain Name or IP to which IMS components are bound to, visible interface IP address) +Server: ims.mnc001.mcc001.3gppnetwork.org (Created DNS Domain Name or IP to which IMS components are bound to, visible interface IP address) Optional Settings: Authentication username: test - Outbound proxy address: 172.24.15.21 (Floating IP of VM in case of OpenStack or else no need to fill in case of physical machine) + Outbound proxy address: 172.24.15.30 (Floating IP of VM in case of OpenStack or else no need to fill in case of physical machine) Transport type: UDP ``` @@ -319,10 +299,10 @@ In Phone 2: ``` Username: test2 Password: testpasswd -Server: mnc096.mcc262.3gppnetwork.org (Created DNS Domain Name or IP to which IMS components are bound to, visible interface IP address) +Server: ims.mnc001.mcc001.3gppnetwork.org (Created DNS Domain Name or IP to which IMS components are bound to, visible interface IP address) Optional Settings: Authentication username: test2 - Outbound proxy address: 172.24.15.21 (Floating IP of VM in case of OpenStack or else no need to fill in case of physical machine) + Outbound proxy address: 172.24.15.30 (Floating IP of VM in case of OpenStack or else no need to fill in case of physical machine) Transport type: UDP ``` @@ -336,7 +316,7 @@ Select "more" option ``` Name: SIP Contact test2 (Any arbitary name) -SIP: test2@mnc096.mcc262.3gppnetwork.org (Created DNS Domain Name or IP to which IMS components are bound to, visible interface IP address) +SIP: test2@ims.mnc001.mcc001.3gppnetwork.org (Created DNS Domain Name or IP to which IMS components are bound to, visible interface IP address) ``` Save and exit @@ -347,14 +327,14 @@ Select "more" option ``` Name: SIP Contact test (Any arbitary name) -SIP: test@mnc096.mcc262.3gppnetwork.org (Created DNS Domain Name or IP to which IMS components are bound to, visible interface IP address) +SIP: test@ims.mnc001.mcc001.3gppnetwork.org (Created DNS Domain Name or IP to which IMS components are bound to, visible interface IP address) ``` Save and exit - Now try calling from either phone -#### 12. Create new mysql database for pcscf, scscf and icscf, populate databases and grant permissions to respective users identified by a password +#### 13. Create new mysql database for pcscf, scscf and icscf, populate databases and grant permissions to respective users identified by a password ``` $ mysql @@ -366,7 +346,7 @@ $ mysql In all of the below steps, when prompted for mysql root user password, leave it blank i.e. Press Enter ``` -$ cd /usr/local/src/kamailio-5.2/kamailio/utils/kamctl/mysql +$ cd /usr/local/src/kamailio/utils/kamctl/mysql $ mysql -u root -p pcscf < standard-create.sql $ mysql -u root -p pcscf < presence-create.sql $ mysql -u root -p pcscf < ims_usrloc_pcscf-create.sql @@ -378,7 +358,7 @@ $ mysql -u root -p scscf < ims_usrloc_scscf-create.sql $ mysql -u root -p scscf < ims_dialog-create.sql $ mysql -u root -p scscf < ims_charging_create.sql -$ cd /usr/local/src/kamailio-5.2/kamailio/misc/examples/ims/icscf +$ cd /usr/local/src/kamailio/misc/examples/ims/icscf $ mysql -u root -p icscf < icscf.sql ``` @@ -432,8 +412,8 @@ Verify that following tables are present in respective databases by logging into ``` grant delete,insert,select,update on pcscf.* to pcscf@localhost identified by 'heslo'; grant delete,insert,select,update on scscf.* to scscf@localhost identified by 'heslo'; - grant delete,insert,select,update on icscf.* to icscf@localhost identified by 'heslo'; - grant delete,insert,select,update on icscf.* to provisioning@localhost identified by 'provi'; + grant delete,insert,select,update on icscf.* to icscf@localhost identified by 'heslo'; + grant delete,insert,select,update on icscf.* to provisioning@localhost identified by 'provi'; GRANT ALL PRIVILEGES ON pcscf.* TO 'pcscf'@'%' identified by 'heslo'; GRANT ALL PRIVILEGES ON scscf.* TO 'scscf'@'%' identified by 'heslo'; GRANT ALL PRIVILEGES ON icscf.* TO 'icscf'@'%' identified by 'heslo'; @@ -446,341 +426,191 @@ Then, ``` $ mysql use icscf; - INSERT INTO `nds_trusted_domains` VALUES (1,'mnc096.mcc262.3gppnetwork.org'); - INSERT INTO `s_cscf` VALUES (1,'First and only S-CSCF','sip:scscf.mnc096.mcc262.3gppnetwork.org:6060'); + INSERT INTO `nds_trusted_domains` VALUES (1,'ims.mnc001.mcc001.3gppnetwork.org'); + INSERT INTO `s_cscf` VALUES (1,'First and only S-CSCF','sip:scscf.ims.mnc001.mcc001.3gppnetwork.org:6060'); INSERT INTO `s_cscf_capabilities` VALUES (1,1,0),(2,1,1); ``` -#### 13. Copy pcscf, icscf and scscf configuration files to /etc/ folder and edit accordingly +#### 14. Copy pcscf, icscf and scscf configuration files to /etc/ folder and edit accordingly ``` -$ cd /usr/local/src/kamailio-5.2/kamailio/misc/examples/ims/ -$ cp -r icscf/ /etc/kamailio_icscf -$ cp -r pcscf/ /etc/kamailio_pcscf -$ cp -r scscf/ /etc/kamailio_scscf +$ cd ~ && git clone https://github.com/herlesupreeth/Kamailio_IMS_Config +$ cd Kamailio_IMS_Config +$ cp -r kamailio_icscf/ /etc/ +$ cp -r kamailio_pcscf/ /etc/ +$ cp -r kamailio_scscf/ /etc/ ``` -Rename files in these folder kamailio_pcscf, kamailio_icscf and kamailio_scscf by removing .sample part from the configuration files. - -And, rename kamailio.cfg in respective folder as follows: kamailio_pcscf.cfg, kamailio_icscf.cfg and kamailio_scscf.cfg - -Edit the configuration files as per your deployment needs - -### I-CSCF - -Edit the DNS domain names, DB URL and IP addresses at all places in the icscf.cfg, icscf.xml files accordingly - -Changes required in icscf.cfg: +#### 15. Setup the DNS for resolving IMS and EPC components names ``` -# SIP / UDP -listen=udp:10.4.128.7:4060 -# SIP / TCP -listen=tcp:10.4.128.7:4060 - -alias=icscf.mnc096.mcc262.3gppnetwork.org - -#!define NETWORKNAME "mnc096.mcc262.3gppnetwork.org" -#!define HOSTNAME "icscf.mnc096.mcc262.3gppnetwork.org" - -#!define ENUM_SUFFIX "mnc096.mcc262.3gppnetwork.org." - -#!define DB_URL "mysql://icscf:heslo@localhost/icscf" +$ apt install -y bind9 ``` -Changes required in icscf.xml: +Use the below example DNS Zone file to create a DNS Zone file into the bind folder and +edit /etc/bind/named.conf.local, /etc/bind/named.conf.options accordingly: ``` -FQDN="icscf.mnc096.mcc262.3gppnetwork.org" -Realm="mnc096.mcc262.3gppnetwork.org" - - - - - - +$ cd /etc/bind ``` -Changes required in kamailio_icscf.cfg: +In the below example: Kamailio IMS & DNS server running at 10.4.128.21/172.24.15.30 (Floating IP) and PCRF also at 10.4.128.21/172.24.15.30 (Floating IP) ``` -# ------------------ module loading ---------------------------------- -mpath="/usr/lib64/kamailio/modules_k/:/usr/lib64/kamailio/modules/:/usr/lib/kamailio/modules_k/:/usr/lib/kamailio/modules/:/usr/lib/x86_64-linux-gnu/kamailio/modules/" +$ cat ims.mnc001.mcc001.3gppnetwork.org -#loadmodule "debugger.so" +$ORIGIN ims.mnc001.mcc001.3gppnetwork.org. +$TTL 1W +@ 1D IN SOA localhost. root.localhost. ( + 1 ; serial + 3H ; refresh + 15M ; retry + 1W ; expiry + 1D ) ; minimum -# if !($rU =~ "\+.*") { -# prefix("+"); -# } + 1D IN NS ns +ns 1D IN A 10.4.128.21 + +pcscf 1D IN A 10.4.128.21 +_sip._udp.pcscf 1D SRV 0 0 5060 pcscf +_sip._tcp.pcscf 1D SRV 0 0 5060 pcscf + +icscf 1D IN A 10.4.128.21 +_sip._udp 1D SRV 0 0 4060 icscf +_sip._tcp 1D SRV 0 0 4060 icscf + +scscf 1D IN A 10.4.128.21 +_sip._udp.scscf 1D SRV 0 0 6060 scscf +_sip._tcp.scscf 1D SRV 0 0 6060 scscf + +hss 1D IN A 10.4.128.21 ``` -To perform a quick test edit the /etc/default/kamailio file, by changing the configuration file parameter as follows: +Create another DNS zone for resolving pcrf domain as follows: ``` -# Config file -CFGFILE=/etc/kamailio_icscf/kamailio_icscf.cfg -``` -``` -$ $ mkdir -p /var/run/kamailio_icscf -$ adduser --quiet --system --group --disabled-password \ - --shell /bin/false --gecos "Kamailio" \ - --home /var/run/kamailio_icscf kamailio -$ chown kamailio:kamailio /var/run/kamailio_icscf +$ cat epc.mnc001.mcc001.3gppnetwork.org + +$ORIGIN epc.mnc001.mcc001.3gppnetwork.org. +$TTL 1W +@ 1D IN SOA localhost. root.localhost. ( + 1 ; serial + 3H ; refresh + 15M ; retry + 1W ; expiry + 1D ) ; minimum + + 1D IN NS epcns +epcns 1D IN A 10.4.128.21 + +pcrf 1D IN A 127.0.0.5 ``` -Then, execute below command + +Edit /etc/bind/named.conf.local file as follows: ``` -$ systemctl restart kamailio.service +// +// Do any local configuration here +// + +// Consider adding the 1918 zones here, if they are not used in your +// organization +//include "/etc/bind/zones.rfc1918"; + +zone "ims.mnc001.mcc001.3gppnetwork.org" { + type master; + file "/etc/bind/ims.mnc001.mcc001.3gppnetwork.org"; +}; + +zone "epc.mnc001.mcc001.3gppnetwork.org" { + type master; + file "/etc/bind/epc.mnc001.mcc001.3gppnetwork.org"; +}; ``` -And, check that there are no error by viewing logs using the below command +Edit /etc/bind/named.conf.options file as follows: ``` -$ journalctl -f --unit kamailio -``` +options { + directory "/var/cache/bind"; -### P-CSCF + // If there is a firewall between you and nameservers you want + // to talk to, you may need to fix the firewall to allow multiple + // ports to talk. See http://www.kb.cert.org/vuls/id/800113 -Edit the DNS domain names, DB URL and IP addresses at all places in the pcscf.cfg, pcscf.xml files accordingly + // If your ISP provided one or more IP addresses for stable + // nameservers, you probably want to use them as forwarders. + // Uncomment the following block, and insert the addresses replacing + // the all-0's placeholder. -Changes required in pcscf.cfg: + //forwarders { + // Put here the IP address of other DNS server which could be used if name cannot be resolved with DNS server running in this machine (Optional) + //10.4.128.2; + //}; -``` -# SIP / UDP -listen=udp:10.4.128.7:5060 + //======================================================================== + // If BIND logs error messages about the root key being expired, + // you will need to update your keys. See https://www.isc.org/bind-keys + //======================================================================== + dnssec-validation no; + allow-query { any; }; -#!define IPSEC_LISTEN_ADDR "10.4.128.7" - -alias=pcscf.mnc096.mcc262.3gppnetwork.org - -#!define PCSCF_URL "sip:pcscf.mnc096.mcc262.3gppnetwork.org" - -#!subst "/NETWORKNAME/mnc096.mcc262.3gppnetwork.org/" -#!subst "/HOSTNAME/pcscf.mnc096.mcc262.3gppnetwork.org/" - -#!define DB_URL "mysql://pcscf:heslo@localhost/pcscf" - -#!define SQLOPS_DBURL "pcscf=>mysql://pcscf:heslo@localhost/pcscf" - -##!define TRF_FUNCTION "trf.mnc096.mcc262.3gppnetwork.org" - -#!define WITH_RX -#!define WITH_RX_REG -#!define WITH_RX_CALL -#!define WITH_TCP -``` - -Changes required in pcscf.xml: - -``` -FQDN="pcscf.mnc096.mcc262.3gppnetwork.org" - -Realm="mnc096.mcc262.3gppnetwork.org" - - - - - - -``` - -Changes required in kamailio_pcscf.cfg: - -``` -# ------------------ module loading ---------------------------------- -mpath="/usr/lib64/kamailio/modules_k/:/usr/lib64/kamailio/modules/:/usr/lib/kamailio/modules_k/:/usr/lib/kamailio/modules/:/usr/lib/x86_64-linux-gnu/kamailio/modules/" - -#loadmodule "debugger.so" - -/* set the path to RPC fifo control file */ -modparam("jsonrpcs", "fifo_name", "/var/run/kamailio_pcscf/kamailio_rpc.fifo") -/* set the path to RPC unix socket control file */ -modparam("jsonrpcs", "dgram_socket", "/var/run/kamailio_pcscf/kamailio_rpc.sock") - -modparam("tls", "config", "/etc/kamailio_pcscf/tls.cfg") - -# ----- ctl params ----- -modparam("ctl", "binrpc", "unix:/var/run/kamailio_pcscf/kamailio_ctl") - -# AVP's required for Fail-Over-Support: -#modparam("dispatcher", "dst_avp", "$avp(DISPATCHER_DST_AVP)") -#modparam("dispatcher", "grp_avp", "$avp(DISPATCHER_GRP_AVP)") -#modparam("dispatcher", "cnt_avp", "$avp(DISPATCHER_CNT_AVP)") -#modparam("dispatcher", "sock_avp", "$avp(DISPATCHER_SOCK_AVP)") - -#modparam("ims_usrloc_pcscf", "hashing_type", 2) - -#!ifdef WITH_RX -# -- CDP params -- -modparam("cdp","config_file","/etc/kamailio_pcscf/pcscf.xml") -# -- diameter_rx params -- -modparam("ims_qos", "rx_dest_realm", "localdomain") # Enter realm to which PCRF belongs to -#modparam("ims_qos", "rx_dest_realm", "NETWORKNAME") - -#!ifdef WITH_IPSEC - if (!is_method("REGISTER")) { - ipsec_forward("location"); - } -#!endif - -#!ifdef WITH_IPSEC - ipsec_destroy("location"); -#!endif -``` - -Changes required in dispatcher.list: - -``` -# SBC's -``` - -To perform a quick test edit the /etc/default/kamailio file, by changing the configuration file parameter as follows: - -``` -# Config file -CFGFILE=/etc/kamailio_pcscf/kamailio_pcscf.cfg + auth-nxdomain no; # conform to RFC1035 + //listen-on-v6 { any; }; +}; ``` ``` -$ mkdir -p /var/run/kamailio_pcscf -$ adduser --quiet --system --group --disabled-password \ - --shell /bin/false --gecos "Kamailio" \ - --home /var/run/kamailio_pcscf kamailio -$ chown kamailio:kamailio /var/run/kamailio_pcscf +$ systemctl restart bind9 ``` -Then, execute below command +Then, test DNS resolution by adding following entries on top of all other entries in /etc/resolv.conf (make sure it persist across reboots) ``` -$ systemctl restart kamailio.service +search ims.mnc001.mcc001.3gppnetwork.org +nameserver 10.4.128.21 ``` -And, check that there are no error by viewing logs using the below command (Ignore the rtpengine related for now, as we will install in next step) +Finally, ping to ensure ``` -$ journalctl -f --unit kamailio +$ ping pcscf +PING pcscf.ims.mnc001.mcc001.3gppnetwork.org (10.4.128.21) 56(84) bytes of data. +64 bytes from localhost (10.4.128.21): icmp_seq=1 ttl=64 time=0.017 ms +64 bytes from localhost (10.4.128.21): icmp_seq=2 ttl=64 time=0.041 ms ``` -### S-CSCF - -Edit the DNS domain names, DB URL and IP addresses at all places in the scscf.cfg, scscf.xml files accordingly - -Changes required in scscf.cfg: +To make changes in /etc/resolv.conf be persistent across reboot edit the /etc/netplan/50-cloud-init.yaml file as follows: ``` -# SIP / UDP -listen=udp:10.4.128.7:6060 -# SIP / TCP -listen=tcp:10.4.128.7:6060 - -#!define NETWORKNAME "mnc096.mcc262.3gppnetwork.org" -#!define HOSTNAME "scscf.mnc096.mcc262.3gppnetwork.org" -#!define URI "sip:scscf.mnc096.mcc262.3gppnetwork.org:6060" - -alias=scscf.mnc096.mcc262.3gppnetwork.org - -# ENUM-Server to query: -#!define ENUM_SUFFIX "mnc096.mcc262.3gppnetwork.org." - -#!define DB_URL "mysql://scscf:heslo@localhost/scscf" - -#!define RO_MNC "96" - -#!define WITH_TCP -``` - -Changes required in scscf.xml: - -``` -FQDN="scscf.mnc096.mcc262.3gppnetwork.org" - -Realm="mnc096.mcc262.3gppnetwork.org" - - - - - - -``` - -Changes required in kamailio_scscf.cfg: - -``` -# ------------------ module loading ---------------------------------- -mpath="/usr/lib64/kamailio/modules_k/:/usr/lib64/kamailio/modules/:/usr/lib/kamailio/modules_k/:/usr/lib/kamailio/modules/:/usr/lib/x86_64-linux-gnu/kamailio/modules/" - -#loadmodule "debugger.so" - -/* set the path to RPC fifo control file */ -modparam("jsonrpcs", "fifo_name", "/var/run/kamailio_scscf/kamailio_rpc.fifo") -/* set the path to RPC unix socket control file */ -modparam("jsonrpcs", "dgram_socket", "/var/run/kamailio_scscf/kamailio_rpc.sock") - -# ----- ctl params ----- -modparam("ctl", "binrpc", "unix:/var/run/kamailio_scscf/kamailio_ctl") - -# -- CDP params -- -modparam("cdp","config_file","/etc/kamailio_scscf/scscf.xml") - -# AVP's required for Fail-Over-Support: -#modparam("dispatcher", "dst_avp", "$avp(DISPATCHER_DST_AVP)") -#modparam("dispatcher", "grp_avp", "$avp(DISPATCHER_GRP_AVP)") -#modparam("dispatcher", "cnt_avp", "$avp(DISPATCHER_CNT_AVP)") -#modparam("dispatcher", "sock_avp", "$avp(DISPATCHER_SOCK_AVP)") - - # Terminating - if (uri == myself || uri =~ "tel:.*") { - if (!term_impu_registered("location")) { - xlog("L_DBG", "We need to do an UNREG server SAR assignemnt"); - assign_server_unreg("UNREG_SAR_REPLY", "location", "term"); - sl_send_reply("403","Forbidden - Domain not served"); - exit; - } - } -# } else { -# sl_send_reply("403","Forbidden - Domain not served"); -# exit(); -# } -``` - -Changes required in dispatcher.list: Not sure what to do hence remove as follows - -``` -# ng-voice Interconnect -``` - -To perform a quick test edit the /etc/default/kamailio file, by changing the configuration file parameter as follows: - -``` -# Config file -CFGFILE=/etc/kamailio_scscf/kamailio_scscf.cfg +# This file is generated from information provided by +# the datasource. Changes to it will not persist across an instance. +# To disable cloud-init's network configuration capabilities, write a file +# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following: +# network: {config: disabled} +network: + version: 2 + ethernets: + ens3: + dhcp4: true + match: + macaddress: fa:16:3e:99:f5:67 + set-name: ens3 + nameservers: + search: [ims.mnc001.mcc001.3gppnetwork.org,epc.mnc001.mcc001.3gppnetwork.org] + addresses: + - 10.4.128.21 + version: 2 ``` ``` -$ mkdir -p /var/run/kamailio_scscf -$ adduser --quiet --system --group --disabled-password \ - --shell /bin/false --gecos "Kamailio" \ - --home /var/run/kamailio_scscf kamailio -$ chown kamailio:kamailio /var/run/kamailio_scscf +$ netplan apply +$ ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf +$ systemctl restart systemd-resolved.service ``` -Then, execute below command - -``` -$ systemctl restart kamailio.service -``` - -And, check that there are no error by viewing logs using the below command - -``` -$ journalctl -f --unit kamailio -``` - -Can run S-CSCF as follows: `kamailio -f kamailio_scscf.cfg` - - -#### 14. Install RTPEngine +#### 16. Install RTPEngine Check for dependencies, install dependencies and build .deb packages @@ -815,7 +645,7 @@ $ cp /etc/rtpengine/rtpengine.sample.conf /etc/rtpengine/rtpengine.conf Edit this file as follows under "[rtpengine]": ``` -interface = 10.4.128.7!172.24.15.21 +interface = 10.4.128.21!172.24.15.30 ``` Port on which rtpengine binds i.e. listen_ng parameter is udp port 2223. This should be updated in kamailio_pcscf.cfg file at modparam(rtpengine ... @@ -844,16 +674,16 @@ $ systemctl disable rtpproxy $ systemctl mask rtpproxy ``` -Second instance of RTPENGINE can be run as follows: +Second instance of RTPENGINE can be run as follows (Optional) ``` $ iptables -I rtpengine -p udp -j RTPENGINE --id 1 $ ip6tables -I INPUT -p udp -j RTPENGINE --id 1 $ echo 'del 1' > /proc/rtpengine/control -$ /usr/sbin/rtpengine --table=1 --interface=10.4.128.7!172.24.15.21 --listen-ng=127.0.0.1:2224 --tos=184 --pidfile=ngcp-rtpengine-daemon2.pid --no-fallback +$ /usr/sbin/rtpengine --table=1 --interface=10.4.128.21!172.24.15.30 --listen-ng=127.0.0.1:2224 --tos=184 --pidfile=ngcp-rtpengine-daemon2.pid --no-fallback --foreground ``` -#### 15. Running I-CSCF, P-CSCF and S-CSCF as separate systemctl process +#### 17. Running I-CSCF, P-CSCF and S-CSCF as separate systemctl process First, stop the default kamailio SIP server @@ -874,6 +704,7 @@ $ cp /etc/init.d/kamailio /etc/init.d/kamailio_scscf Changes required in /etc/init.d/kamailio_icscf ``` +PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin NAME="kamailio_icscf" CFGFILE=/etc/$NAME/kamailio_icscf.cfg ``` @@ -881,6 +712,7 @@ CFGFILE=/etc/$NAME/kamailio_icscf.cfg Changes required in /etc/init.d/kamailio_pcscf ``` +PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin NAME="kamailio_pcscf" CFGFILE=/etc/$NAME/kamailio_pcscf.cfg ``` @@ -888,6 +720,7 @@ CFGFILE=/etc/$NAME/kamailio_pcscf.cfg Changes required in /etc/init.d/kamailio_scscf ``` +PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin NAME="kamailio_scscf" CFGFILE=/etc/$NAME/kamailio_scscf.cfg ``` @@ -926,10 +759,81 @@ RUN_KAMAILIO=yes Finally, ``` +$ systemctl daemon-reload $ systemctl start kamailio_icscf kamailio_pcscf kamailio_scscf ``` -#### 16. Setup FoHSS in order to talk with I-CSCF and S-CSCF +#### 18. Install Open5gs in the same machine as Kamailio IMS - Install Open5gs from source + +Please refer to instructions at https://open5gs.org/open5gs/docs/guide/02-building-open5gs-from-sources/ + +Installing Open5gs on the same machine is very important because the "frame_ip4_address" in the AAR request via Rx interface takes received IP address and port in ims_qos module, hence, if the Open5gs is on a separate VM/machine, the IP and port received in received_ip and received_port values seen by Kamailio IMS will be the NATed IP of the Open5gs machine resulting in failing of AAR request. +{: .notice--info} + +Install open5gs, with the fixes for forcing UE to PS domain attach, IPV4 usaeg and support for Rx MEDIA TYPE -CONTROL. +Fixes can be found at "hacks" branch at https://github.com/herlesupreeth/open5gs +{: .notice--info} + +Modify below mentioned parts of configuration files in addition to "Configure Open5GS" section in link https://open5gs.org/open5gs/docs/guide/02-building-open5gs-from-sources/ +(For reference, look at the configuration files at https://github.com/herlesupreeth/Open5gs_Config) +- Change realm of components to epc.mnc001.mcc001.3gppnetwork.org +- Define IP pools for APNs used i.e one for default APN and another for IMS apn +- Define P-CSCF address in the pgw configuration +- Define a ConnectPeer for pcscf.ims.mnc001.mcc001.3gppnetwork.org with its IP and port in PCRF freediameter configuration +- Setup IP tables for the UE pools defined and create appropriate tun interfaces + +Below startup script can be used for setting up interfaces: + +``` +#!/bin/bash + +sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward" +sh -c "echo 1 > /proc/sys/net/ipv6/ip_forward" + +ip tuntap add name ogstun mode tun +ip addr add 192.168.100.1/24 dev ogstun +ip addr add fd84:6aea:c36e:2b69::/64 dev ogstun +ip link set ogstun mtu 1400 +ip link set ogstun up +iptables -t nat -A POSTROUTING -s 192.168.100.0/24 ! -o ogstun -j MASQUERADE +ip6tables -t nat -A POSTROUTING -s fd84:6aea:c36e:2b69::/64 ! -o ogstun -j MASQUERADE +iptables -I INPUT -i ogstun -j ACCEPT +ip6tables -I INPUT -i ogstun -j ACCEPT + +ip tuntap add name ogstun2 mode tun +ip addr add 192.168.101.1/24 dev ogstun2 +ip addr add fd1f:76f3:da9b:0101::/64 dev ogstun2 +ip link set ogstun2 mtu 1400 +ip link set ogstun2 up +iptables -t nat -A POSTROUTING -s 192.168.101.0/24 ! -o ogstun2 -j MASQUERADE +ip6tables -t nat -A POSTROUTING -s fd1f:76f3:da9b:0101::/64 ! -o ogstun2 -j MASQUERADE +iptables -I INPUT -i ogstun2 -j ACCEPT +ip6tables -I INPUT -i ogstun2 -j ACCEPT +``` + +Add users with following APN settings in Open5gs: + +
+APN Configuration:
+-------------------------------------------------------------------------------------------------------------------------
+| APN      | QCI | ARP | Capability | Vulnerablility | MBR DL/UL(Kbps)     | GBR DL/UL(Kbps) | PGW IP        |
+-------------------------------------------------------------------------------------------------------------------------
+| internet | 9   | 8   | Disabled   | Disabled       | unlimited/unlimited |                 |               |           
+-------------------------------------------------------------------------------------------------------------------------
+| ims      | 5   | 1   | Disabled   | Disabled       | 3850/1530           |                 |               |           
+|          | 1   | 2   | Enabled    | Enabled        | 256/256             | 256/256         |               |
+|            Downlink permit out ip from any 1-65535 to any 1-65535
+|            Uplink permit out ip from any 1-65535 to any 1-65535
+-------------------------------------------------------------------------------------------------------------------------
+
+ +Finally, make sure of the following in Open5gs + +- PCO options which indicate the address of the Proxy-CSCF +- Need to indicate support for Voice-over-Packet-Switched (VoPS) in NAS message to UE from EPC + + +#### 19. Setup FoHSS in order to talk with I-CSCF and S-CSCF Requirements for FoHSS: Install Java JDK and ant @@ -971,9 +875,9 @@ Check java version ``` $ java -version - java version "1.7.0_79" - Java(TM) SE Runtime Environment (build 1.7.0_79-b15) - Java HotSpot(TM) 64-Bit Server VM (build 24.79-b02, mixed mode) +java version "1.7.0_79" +Java(TM) SE Runtime Environment (build 1.7.0_79-b15) +Java HotSpot(TM) 64-Bit Server VM (build 24.79-b02, mixed mode) ``` Install Ant @@ -1098,10 +1002,11 @@ slasheddomain=`echo $domainname | sed 's/\./\\\\\\\\\./g'` ``` $ chmod +x configurator.sh $ ./configurator.sh -Domain Name:mnc096.mcc262.3gppnetwork.org -IP Adress:10.4.128.7 +Domain Name:ims.mnc001.mcc001.3gppnetwork.org +IP Adress:10.4.128.21 $ grep -r "open-ims" +(Change realm name in the below file from open-ims.test to ims.mnc001.mcc001.3gppnetwork.org) $ vim webapps/hss.web.console/WEB-INF/web.xml $ vim hibernate.properties ``` @@ -1116,19 +1021,19 @@ $ cp configurator.sh ../scripts/ $ cd ../scripts $ grep -r "open-ims" $ ./configurator.sh -Domain Name:mnc096.mcc262.3gppnetwork.org -IP Adress:10.4.128.7 +Domain Name:ims.mnc001.mcc001.3gppnetwork.org +IP Adress:10.4.128.21 $ cp configurator.sh ../config/ $ cd ../config $ ./configurator.sh -Domain Name:mnc096.mcc262.3gppnetwork.org -IP Adress:10.4.128.7 +Domain Name:ims.mnc001.mcc001.3gppnetwork.org +IP Adress:10.4.128.21 $ cd ../src-web $ vim WEB-INF/web.xml ``` -And, change open-ims.test to mnc096.mcc262.3gppnetwork.org +And, change open-ims.test to ims.mnc001.mcc001.3gppnetwork.org Prepare mysql database: @@ -1187,44 +1092,108 @@ $ ./hss.sh Access the web-interface of HSS: http://:8080/hss.web.console/ -http://172.24.15.21:8080/hss.web.console/ +http://172.24.15.30:8080/hss.web.console/ ``` user: hssAdmin password: hss ``` -#### 17. A quick check for the basic working of SIP IMS server can be done as follows +Then, edit the /etc/hosts file as follows: -The steps are exactly the same as in Step 11, but now the usernames and passwords are alice and bob, which are the default users present in FoHSS. - -#### 18. Ensure Open5GS PCRF of the Core Network is configured to use IMS - -In open5gs.yaml, add the floating IP of the VM running P-CSCF as shown below +In the below example. epc-ims is the hostname of the machine ``` -parameter: - no_ipv6: true - prefer_ipv4: true - -pcscf: - - 172.24.15.21 +root@epc-ims:~# cat /etc/hosts +127.0.0.1 localhost +127.0.0.1 epc-ims ``` -And, make sure to run Open5GS with Realm as created above "mnc096.mcc262.3gppnetwork.org" so that when a connection request from P-SCSF to PCRF with a FQDN pcrf.mnc096.mcc262.3gppnetwork.org it should be resolved as localhost of the Open5GS machine -{: .notice--warning} +#### 20. Add IMS subscription use in FoHSS as follows from the Web GUI -- To change Realm in All-in-One Open5GS configuration +Assuming IMSI of the user as 001010123456791 ``` -$ cd ~/open5gs/install/etc/freediameter +Login to the HSS web console. +Navigate to the User Identities page +Create the IMSU +Click IMS Subscription / Create +Enter: +Name = 001010123456791 +Capabilities Set = cap_set1 +Preferred S-CSCF = scsf1 +Click Save + +Create the IMPI and Associate the IMPI to the IMSU +Click Create & Bind new IMPI +Enter: +Identity = 001010123456791@ims.mnc001.mcc001.3gppnetwork.org +Secret Key = 8baf473f2f8fd09487cccbd7097c6862 (Ki value as in Open5gs HSS database) +Authentication Schemes - All +Default = Digest +AMF = 8000 (As in Open5gs HSS database) +OP = 11111111111111111111111111111111 (As in Open5gs HSS database) +SQN = 000000021090 (As in Open5gs HSS database, better to disable SQN check in USIM rather than syncing between Open5gs HSS and FoHSS) +Click Save + +Create and Associate IMPI to IMPU +Click Create & Bind new IMPU +Enter: +Identity = sip:001010123456791@ims.mnc001.mcc001.3gppnetwork.org +Service Profile = default_sp +Charging-Info Set = default_charging_set +IMPU Type = Public_User_Identity +Click Save + +Add Visited Network to IMPU +Enter: +Visited Network = ims.mnc001.mcc001.3gppnetwork.org +Click Add ``` -- And, change all the configuration files in freediameter folder (hss.conf, mme.conf, pcrf.conf, pgw.conf) to have desired Domain Name -- Copy `make_certs.sh` from `~/open5gs/misc` to `~/open5gs/install/etc/freediameter`. -- Modify Domain Names in make_certs.sh and Generate the certificates using make_certs.sh -- Insert additional "ConnectPeer" entry in `~/open5gs/install/etc/freediameter/pcrf.conf` to connect to P-CSCF as show below +#### 21. APN settings + +Clear all previous APN settings + +Then, create APN as follows: + +- First create internet APN, APN name: internet, APN type: default --> Save APN +- Then, create ims APN, APN name: ims, APN type: ims --> Save APN + +#### 22. eNB settings + +Must have in the eNB: +- Support for QoS +- Support for Dedicated radio bearer creation +- Make sure to check the DRB configuration with respect to QCI of APN accordingly (QCI 5 for ims) + +On the eNB machine have the following static routes (since internal IP of the VM is advertised in S1AP messages and UE wont find the core in Uplink) ``` -ConnectPeer = "pcscf.mnc096.mcc262.3gppnetwork.org" { ConnectTo = "172.24.15.21"; Port=3871; No_TLS; NO_SCTP; }; +$ ip r add 10.4.128.21/32 via 172.24.15.30 ``` + +#### 23. USIM and UE settings + +- Make sure to disable SQN check in Sysmocom SIM cards using sysmo-usim-tool tool (https://github.com/herlesupreeth/sysmo-usim-tool) +- Tested with OnePlus 5 - With modfication to enable force IMS registration is a must or else UE will not even attempt to connect to P-CSCF. Need to apply the fix back after each update. +(https://forum.xda-developers.com/oneplus-5t/how-to/guide-volte-vowifi-german-carriers-t3817542) + +#### 24. Start IMS components and FoHSS followed by Open5gs and eNB, then try connecting the phones + + +#### 25. For debugging + +Debug using wireshark at Open5gs machine and following wireshark display filter + +``` +s1ap || gtpv2 || diameter || diameter.3gpp || sip +``` + +Also, + +Debugging Diameter messages between PCRF and P-CSCF in Wireshark if the TCP/SCTP port other than 3868 + +Open Wireshark --> Preferences --> Protocols --> Diameter --> Change to whatever ports are being used + +