B Ultra Cloud Core CNDP Smi 5g Lab v1

Cisco Ultra Cloud Core CNDP SMI 5G v1
First Published: 2021-06-04
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
© 2021 Cisco Systems, Inc. All rights reserved.
CONTENTS
CHAPTER 1 About 1
About This Lab 1
Requirements 1
About this Solution 1
Topology 2
Host Details 3
SMI Components Details 4
SMI Software 5
Before You Present 5
Get Started 5
CHAPTER 2 Scenarios 7
Verify CNDP Cluster Manager 7

Verify Kubernetes Cluster 14
CEE - Common Execution Environment 17
AMF - Access and Mobility Management Function 22
SMF - Session Management Function 29
UPF - User Plane Function 39
Login to UPF 39
5G Call Simulation 44
5G Call Setup 44
Monitor Subscriber 46
Start the 5G Call (8th Lattice Terminal Session – UE and gNB) 48
5G Call Verification 48
CHAPTER 3 Appendix 51

iii
Contents
Appendix A. Failure Recovery Procedure 51

Appendix B. CLI Reference 53
SMF CLI Commands 53
CEE CLI Commands 53
UPF CLI Commands 54
CHAPTER 4 What’s Next? 57

iv
CHAPTER 1
About
• About This Lab, on page 1
• Requirements, on page 1
• About this Solution, on page 1
• Topology, on page 2
• Host Details, on page 3
• SMI Components Details, on page 4
• SMI Software, on page 5
About This Lab

The Ultra Cloud Core Subscriber Microservices Infrastructure (SMI) provides a run time environment for
deploying and managing Cisco's 5G cloud native network functions (CNFs).
Requirements
The table below outlines the requirements for this preconfigured lab.
Required Optional
Laptop
Laptop with Cisco AnyConnect®
About this Solution

The Ultra Cloud Core Subscriber Microservices Infrastructure (SMI) provides a run time environment for
deploying and managing Cisco's 5G cloud native network functions (CNFs).
The Cloud Native Deployment Platform (CNDP) can deploy and manage SMI on the following platforms.
• VMware: The CNDP Cluster Manager deploys the base images using the vSphere APIs.
• Bare Metal: The CNDP Cluster Manager configures UCS-C based hosts using Cisco Integrated
Management Controller (CIMC) APIs.

1
About
Topology
The workflow for deploying the SMI and CNFs involves the following aspects:
• Deploying the Inception VM
• Deploying the Cluster Manager
• Deploying the Kubernetes Cluster
• Deploying the 5G Cloud Native Network Functions
• Deploying the UPF VNF
This lab is deployed on VMware. AMF and SMF are running as a CNF and UPF is a VNF. Rest of the 5G
NFs like AUSF, UDM, PCF, CHF and UE/gNB are simulated in lattice.
Upon completion of this lab, you will:
• Understand the 5G Architecture
• Understand the SMI Cloud Native Architecture
• Get hands on experience on the Cloud Native Platform based on Kubernetes
• Get hands on experience on the installation and configuration of 5G Standalone (SA) Network Functions
• Initiate a 5G Test Session
Topology
This content includes preconfigured SMI components and 5G NFs to illustrate the features of the solution.
Most components are fully configurable with predefined administrative user accounts. You can see the IP
address and user account credentials to use to access a component by clicking the component icon in the
Topology menu of your active session.
dCloud Topology

2
About
Host Details
Logical Topology
Host Details
Host Name IP Address Username Password
Name Description
(FQDN)
vCenter VMware vc65.demo.dcloud.cisco.com 198.18.134.65 Administrator Cisco@123
vCenter

3
About
SMI Components Details
Host Name IP Address Username Password

Name Description
(FQDN)
Compute1 VMware ESXi Compute1d.emod.cloudc.iscoc.om 198.18.134.41 root C1sco12345
Host

Host

Host

Host

Host

Host

Host

Host
Esxi1 VMware ESXi Esxi1.demo.dcloud.cisco.com 198.18.134.27 root C1sco12345

Host
Esxi2 VMware ESXi Esxi2.demo.dcloud.cisco.com 198.18.134.28 root C1sco12345

Host
SMI Components Details

Name Description IP Address Username Password
Inception VM CNDP Inception 198.18.134.9 cloud-user Cisco@123
Deployer
SMI CM VIP CNDP Cluster 198.18.134.12 cloud-user Cisco@123

Manager VIP
Smi-cluster-cm-active CNDP Cluster 198.18.134.10 cloud-user Cisco@123

Manager
Smi-cluster-cm-standby CNDP Cluster 198.18.134.11 cloud-user Cisco@123

Manager
Master VIP K8s Master VIP 198.18.134.30 cloud-user Cisco@123
5g-master-1 K8s Master-1 198.18.134.31 cloud-user Cisco@123

4
About
SMI Software
Name Description IP Address Username Password

5g-worker-1 K8s Worker-1 198.18.134.34 cloud-user Cisco@123
UPF-1 UPF VNF 198.18.134.40 admin Cisco@123
Lattice Call Simulator 198.18.134.26 root Cisco@123
NSO Cisco NFV-O 198.18.134.29 root Cisco@123
SMI Software
Name Software Version
Cluster Manager cluster-deployer-2020.02.1.20
CEE cee-2020.02.1.i25
AMF amf.2021.02.m0.i2
SMF smf.2020.02.5.i348
UPF 21.22.4.79903
Before You Present

Cisco dCloud strongly recommends that you perform the tasks in this document before presenting in front of
a live audience. This will allow you to become familiar with the structure of the document and content.
dCloud recommends using the Chrome browser for all demos.
PREPARATION IS KEY TO A SUCCESSFUL PRESENTATION.
Get Started
Follow these steps to schedule a session of the content and configure your presentation environment.

5
About
Get Started
Procedure
Step 1 Initiate your dCloud session. [Show Me How]

Note It may take up to 30 minutes for your session to become active and then fully initialize.
Step 2 For best performance, connect to the workstation with Cisco AnyConnect VPN [Show Me How] and the local
RDP client on your laptop [Show Me How]
• Workstation 1: 198.18.133.252, Username: administrator, Password: C1sco12345

6
CHAPTER 2
Scenarios
• Verify CNDP Cluster Manager, on page 7
• Verify Kubernetes Cluster, on page 14
• CEE - Common Execution Environment, on page 17
• AMF - Access and Mobility Management Function, on page 22
• SMF - Session Management Function, on page 29
• UPF - User Plane Function, on page 39
• 5G Call Simulation, on page 44
Verify CNDP Cluster Manager

Value Proposition: The CNDP Cluster Manager deploys and manages the Kubernetes cluster. It is also used
to onboard 5G CNFs and CEE on the Kubernetes cluster. CNDP Cluster Manager runs the all-in-one lightweight
Kubernetes and it is managed and configured using its Ops-center. It also has its own CEE for monitoring
and logging. It is deployed in Active and Standby mode.
Procedure
Step 1 On the remote desktop, launch PuTTY.

Step 2 In the Saved Sessions section of the PuTTY Configuration window, select SMI-CM.
Step 3 Click Open. If you receive a security alert, click Yes.
Step 4 Login to CNDP Cluster Manager with username cloud-user, password Cisco@123.
Step 5 SMI-CM runs the all-in-one Kubernetes cluster. Let’s verify the cluster manager version.
cloud-user@smi-cluster-cm-active:~$ kubectl get nodes

NAME STATUS ROLES AGE VERSION
smi-cluster-cm-active Ready master 7d12h v1.19.2
Step 6 Enter the following command to verify that dedicated namespaces exist for SMI-CM and CEE.
cloud-user@smi-cluster-cm-active:~$ kubectl get ns

NAME STATUS AGE
cee-cm Active 7d12h
default Active 7d13h
kube-node-lease Active 7d13h
kube-public Active 7d13h

7
Scenarios
kube-system Active 7d13h

nginx-ingress Active 7d13h
registry Active 7d13h
smi-certs Active 7d13h
smi-cm Active 7d12h
smi-node-label Active 7d13h
smi-secure-access Active 7d13h
smi-vips Active 7d13h
Step 7 Enter the following command to verify that Kubernetes objects exist in the namespace smi-cm.
cloud-user@smi-cluster-cm-active:~$ kubectl get pods -n smi-cm

NAME READY STATUS RESTARTS
AGE
cluster-files-offline-smi-cluster-deployer-665dcc868-6l5wx 1/1 Running 4
7d13h
ops-center-smi-cluster-deployer-66dcbd89f7-q6t6l 7/7 Running 31
7d13h
squid-proxy-56777d544c-4ftsr 1/1 Running 4
7d13h
Step 8 To login to SMI-CM Ops-center, we will use the Ops-center service ClusterIP and port number. Enter the
following command first to view them.
cloud-user@smi-cluster-cm-active:~$ kubectl get svc -n smi-cm

NAME TYPE CLUSTER-IP EXTERNAL-IP
PORT(S) AGE
cluster-files-offline-smi-cluster-deployer ClusterIP 10.110.154.41 <none>
8080/TCP 7d13h
iso-host-cluster-files-smi-cluster-deployer ClusterIP 10.111.42.166 198.18.134.12
80/TCP 7d13h
iso-host-ops-center-smi-cluster-deployer ClusterIP 10.104.11.234 198.18.134.12
3001/TCP 7d13h
netconf-ops-center-smi-cluster-deployer ClusterIP 10.101.3.156 198.18.134.12
2025/TCP,2024/TCP 7d13h
ops-center-smi-cluster-deployer ClusterIP 10.102.132.151 <none>
8008/TCP,2024/TCP,2022/TCP,7681/TCP,3000/TCP,3001/TCP 7d13h
squid-proxy-node-port NodePort 10.106.86.222 <none>
3128:30543/TCP 7d13h
Step 9 View the SMI-CM config which is used to deploy the Kubernetes cluster and on-board CEE, AMF and SMF
cloud-user@smi-cluster-cm-active:~$ ssh -p 2024 admin@10.102.132.151

admin@10.102.132.151's password: Cisco@123
Welcome to the Cisco SMI Cluster Deployer on smi-cluster-cm-active
Copyright © 2016-2020, Cisco Systems, Inc.
All rights reserved.
admin connected from 198.18.134.11 using ssh on
ops-center-smi-cluster-deployer-66dcbd89f7-q6t6l
[smi-cluster-cm-active] SMI Cluster Deployer# show running-config | nomore
software cnf amf.2021.02.m0.i2
url file:///data/software/images/amf.2021.02.m0.i2.tar
user cloud-user
password $8$4FglXvJrSHMc3+kMtiU4w9T/ADLevMExE2GIrVwHGFo=
accept-self-signed-certificate true
sha256
e124b562006afc8eb113f5f4209894837023ba37cdf2add8fb13bd57565cf832
exit
software cnf cee-2020.02.1.i25
url file:///data/software/images/cee-2020.02.1.i25.tar
user cloud-user
password $8$HtBKIvvGWMH+aJZHuAWd5m1LbTMXdbeuJooX9+RUYE0=

8
Scenarios
sha256
c95a3ad1332235c9650fc90bb138f6b29aceb42a6d11436f371dd57c117d00ed
exit
software cnf smf.2020.02.5.i348
url file:///data/software/images/smf.2020.02.5.i348.tar
user cloud-user
password $8$cXzDvzkBT+9hJB9IEeDtVILINE2VQ2gj65I8NjZ1Hg8=
sha256
18d4ab0843b267d0daa10eb33e9d4080f36219498ee867fbe5b478de3ee6d6e3
exit
environments vcenter
vcenter server vc65.demo.dcloud.cisco.com
vcenter allow-self-signed-cert true
vcenter user Administrator
vcenter password $8$loaJC7/IZQfKz/u4W/6cMTOMqHbPHY1pkopgNZLBQR4=
vcenter datastore compute1-local-storage
vcenter cluster 5g-cluster
vcenter datacenter 5g-dc
vcenter host compute1.demo.dcloud.cisco.com
vcenter nics management
exit
exit
feature-gates alpha true
feature-gates test true
clusters 5g
environment vcenter
addons ingress bind-ip-address 198.18.134.30
addons kubernetes-dashboard disabled
addons istio enabled
configuration master-virtual-ip 198.18.134.30
configuration virtual-ip-vrrp-router-id 101
configuration enable-pod-security-policy false
configuration pod-subnet 28.0.0.0/16
configuration size functional-test-aio
configuration allow-insecure-registry true
configuration restrict-logging false
configuration docker-address-pools pool1
base 10.106.0.0/16
size 24
exit
node-defaults initial-boot default-user cloud-user
node-defaults initial-boot default-user-ssh-public-key "ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQCgVg/Y0Jj+JA+39R0qB7ZTDCcN9XIXJwtnffKNidB0GtigmNlHbY3FXQ1j24GfREwDVTKVn6TnzWm+79EU+IOZFuRGPLOMwdLdcMzFUXgaLf+Pig1ZMWjY2Y759pqN1OhydQI37HP5pOOJj36IxHXlzcb2BqQCYV4fBwFai/amh8nJgFVKjmdZTkHl/mAtPHE4+/1/T7Q8kezAYzc0Q34+9bf9TO97vhx2wX/DA3YI9ArhD3F9FoSirQixteeCgAL67vW/t+OmngFarW2mRhyvemKl+uDfggN2LGMsx3TvCAeqqk9Y/gCOkLREwiVuNHrFFuSdpSoYdQ8XXa72q9/X
cloud-user@smi-cluster-cm-active"
node-defaults initial-boot default-user-password
$8$ON0qqJS5ESDpH7EsPRXJngyJXXR4LY+sW5UXOIudDpM=
node-defaults initial-boot netplan ethernets ens192
dhcp4 false
dhcp6 false
exit
node-defaults k8s ssh-username cloud-user
node-defaults k8s ssh-connection-private-key
"
$
8p
5
P
S
U
6J
P
j
E
G
X4
F
Y
p
U
QS
Z
7
m
0
wE
R
F
3
2
g+
s
e
k
D
BQ
r
/
F
cz
k
0
U
y
f
oJ
P
O
5
x
dr
w
E
p
Ux
g
Q
r
8
Jk
o
/
y
\
nk
Z
I
R
d
P
A0
O
E
k
f
WZ
T
z
o
vQ
e
M
C
a
i/
z
w
e
7
b
cf
g
p
2
ao
y
w
b
/e
3
Z
v
A
4k
i
D
O
x
9
Za
u
3
y
Tx
5
R
O
IP
j
y
\
n
3Z
1
B
Y
O
me
y
+
Z
aW
d
h
m
Q
PW
i
U
x
m
OB
I
a
0
b
f
+o
O
A
C
De
/
t
8
I
oy
B
+
G
l
CT
Y
j
U
B
io
b
N
Q
g
6
Cx
j
V
+
D0
e
\
n
U
B1
T
2
n
i
hg
N
E
0
C5
i
p
D
C
HS
f
N
a
Pv
Y
m
e
U1
i
L
e
K
z
05
J
e
o
aV
b
A
C
5
/p
3
Q
T
z
oI
Q
J
h
/
Ta
o
d
K
S
7\
n
Z
5
8K
d
H
I
R
tA
5
b
W
h
Z
08
i
h
O
A
MN
K
D
+
1w
u
Y
n
C
SH
L
9
a
Q
e
Jn
f
4
T
F
KY
n
T
m
Q
Eg
5
+
Z
F
jB
U
l
T
1U
+
B
E
w
j\
n
D
I
d
Pc
l
1
u
k3
o
j
4
hG
g
k
T
iM
S
O
K
2+
Y
u
k
6D
0
3
S
1G
f
+
Z
r
J
Oi
o
7
Y
K
S8
t
i
M
S
Xd
o
s
8
5M
c
A
n
\O
L
n
z
lt
+
C
V
a
Jt
8
c
Z
h
MS
W
z
R
L
XZ
G
C
U
Z0
a
8
x
e
UX
J
I
V
YZ
R
t
D
r
Az
M
T
o
q
v0
J
H
L
r
CW
u
g
zf
u
9
Y
s
\n
E
C
+
4
I
fT
u
Q
r
3
W2
U
o
R
Me
F
p
g
zX
m
K
x
4
7
Hy
9
r
+
L
gE
A
a
s
6R
k
U
9
M
jG
B
T
P
lE
Z
y
4
X
6l
n
J
d
/
gQ
y
j
\
nK
Q
F
a
w
N
O9
V
S
T
E
eI
f
b
E
U
yM
s
z
Y
2X
Z
W
q
3m
O
c
v
5
1
JE
o
C
3
a
7R
e
r
D
p
y/
4
W
9
Z
au
e
o
J
O
ER
p
r
d
w
mh
u
Z
\
n
tu
z
e
f
A
PE
t
G
k
p
iF
Q
U
q
H
6I
U
r
4
Jl
x
r
X
B
fs
E
v
P
r
L
JF
h
m
N
D
I1
8
/
O
be
3
P
r
U
Bv
z
6
9
Q
e
lh
f
B
w
H
+J
\
n
F
XW
2
P
Y
g+
w
P
4
gl
G
t
9
8
N
uD
j
7
E
+
iK
q
5
n
V
Ns
b
l
5
2o
V
D
K
0
h
+y
5
p
B
c
SA
6
i
y
Qe
v
u
m
MN
0
O
h
e
t
x\
n
0
M
VD
t
E
i
O
K9
2
a
C
sO
x
F
D
J
lq
p
U
2
/
g1
I
P
s
H
1/
E
c
HA
C
5
+
f
VN
5
3
q
I
Le
G
a
P
U
YV
i
0
p
9
Ah
c
E
C
Gj
\
n
9
P
M
sK
/
V
f
p
dA
S
T
B
X
hj
w
G
3
+
tg
j
z
H
O
S
yn
z
Q
s
r
xP
U
I
f
ak
0
r
p
q
fa
8
H
z
3
Qs
u
W
J
2
bq
e
g
U
0
tx
n
l
J
2
j\
n
7
9
A
u
HW
S
Y
a
8
qK
l
m
O
M
xP
3
r
V
FZ
t
3
y
nL
F
p
H
9
lu
m
1
q
p0
4
Q
b
w
Ln
1
G
0
+
N
wv
r
W
/
u
HO
r
K
S
N
3a
D
E
7
0
\n
T
q
D
x
73
t
N
v
Q
z
Vw
S
i
j
M
EY
o
y
X
0/
o
e
b
Gl
x
X
O
i
0
3H
5
V
q
Lp
B
J
s
z
tQ
P
V
X
5
K4
V
B
y
z
XG
j
M
3
um
t
w
o
\
nF
I
g
Y
9w
Z
6
I
K
G
As
I
E
h
q
B0
j
M
+
F
9p
1
3
8
+
Pm
g
e
y
c
0
Ue
P
v
b
F
ta
9
H
W
Q
vT
0
b
r
j
J/
D
L
k
G
cD
W
P
s
Z
Gf
Y
\
n
bH
c
N
I
K
ad
g
R
i
b
fm
h
8
2
i
5
Go
7
a
i1
t
c
W
i4
g
o
5
c
XD
p
M
f
k
Y
yg
R
+
w
WA
0
x
F
YL
h
o
1
Y
eO
y
4
c
g
zh
0
\
n
C
Oq
g
T
B
Q
8v
r
+
C
t
zY
K
o
M
B
j
S7
o
V
J
Cg
B
G
q
m
5H
a
i
/
e
LI
q
y
b
x
Gj
z
C
1
Z
b
w/
G
c
Y
m1
N
K
G
eO
q
W
2
Y
sy
B
\
n
I
H
tG
S
p
N
5j
h
X
f
p
HS
e
Z
+
O
6z
N
S
f
l
y
xC
a
g
i
q
Iv
f
K
C
T
s8
h
V
I
O
Hw
2
t
z
B
w
7J
5
w
0
pG
v
b
tq
j
9
e
m
o\
n
0
8
E
Yb
1
D
s
Y
Sw
Q
1
H
U
06
/
l
5
K
3x
Y
J
l
g
MN
C
B
W
3
8F
9
c
n
0
Hs
W
v
m
r
F8
y
t
E
3
8D
k
e
J
T
wX
I
u
r
sF
n
y
R
z
M\
n
5
m
M
BY
/
3
j
p
K
X/
4
i
0
z8
d
S
k
F
10
8
7
t
h
G1
i
2
U
f
El
R
a
P
2w
R
f
T
N
Q8
v
n
6
OW
X
u
b
h
tf
Q
S
4
g
LH
A
v
a
W
\n
I
F
l
A
wz
Y
v
E
sB
M
A
S
k
Re
U
W
a
X
gU
s
V
r
I
j6
n
z
L
q
s0
T
5
2
p
k
f6
B
0
i
Xv
B
e
2
G
bP
0
m
2
q
H5
l
Q
j
U
Z
FM
C
5
R
\
n+
N
0
a
6
4C
c
Q
N
SY
I
C
W
+
h
Ql
M
+
c
N
pz
K
P
y
a
hz
X
7
Z
u
FC
g
O
2
r
x
QV
1
i
2
S
Qu
1
B
w
q
IM
H
N
/
i
xp
t
U
y
1
Z
Sv
j
Y
\
n
mk
B
t
n
53
Y
L
4
QA
v
5
9
ty
7
0
9
WY
w
f
N
B
6h
I
o
F
y
qW
8
E
Q
l
+d
m
5
D
4
s/
E
j
8
Z
DU
5
r
4
Qe
2
8
mv
l
S
\
n
e
Jd
3
m
u
n
5J
2
I
0
pq
K
l
a
N
O0
y
D
x
F
Yh
X
g
Q
ji
K
6
H
0
+C
b
/
Q
pr
6
f
7
D
j
tn
8
M
u
O
H8
E
r
1
O
vu
e
a
x
RP
\
n
L
20
Q
4
x
f
k
hd
9
p
m
o
xS
P
N
j
L
8W
O
D
T
8w
E
2
X
S
J
vL
o
p
E
Sh
4
B
a
l
KI
b
1
k
t
76
q
E
s
6
mt
/
c
FJ
K
y
n
i
Ve
\
n
r
g
lA
u
r
s
G
a
bw
E
7
t
x
3N
o
8
n
b
JU
I
f
v
J
V4
b
E
J
i
G2
V
k
A
d
7/
W
m
s
di
N
J
A
/
UB
3
k
8
Ez
q
g
l
F
x
Kd
N
w
I\
n
9
u
l
bV
s
d
p
3
PT
2
E
4
t8
J
2
Q
5
bG
x
D
a
v
Pj
n
C
+
/
P0
d
9
1
q
t
iG
W
m
k
uz
F
C
H
B
yQ
N
3
j
Ei
C
X
a
W
l
Kd
H
n
V
\S
5
s
R
2e
S
O
H
ek
q
b
4
w
x
ri
R
p
u
Tv
w
l
N
sS
F
A
P
hI
q
d
v
9
8q
U
d
K
y
i
6o
2
5
0
6n
l
r
Y
N
5W
S
q
z
g
+f
Q
U
V
\
nM
Z
2
Y
r
7q
h
a
b
M
qH
0
V
I
9
Yo
X
i
S
n
W
Gz
O
Z
U
uv
B
o
F
a
g7
O
S
X
p
3B
9
5
R
b
y
4w
z
P
q
G
bA
l
p
M
4
Zg
S
p
+
0
ab
s
q
g
\
n
kN
g
w
L
U
xa
c
r
J
Z
RH
o
k
DK
6
4
Z
wG
W
m
X
t
Uf
O
T
1
N
JZ
V
L
0
/v
m
R
k
6
zh
i
C
w
v
Xq
d
F
1
g
yM
2
c
s
i2
u
M
\
nk
u
Y
F
t
3
vQ
Z
9
F
zX
O
l
k
z
R
T
+
N
8
rg
n
w
=
"
node-defaults os ntp servers 198.18.128.1

exit
node-type-defaults master
k8s node-labels smi.cisco.com/node-type oam
exit
exit
nodes master-1
k8s node-type master

9
Scenarios
k8s ssh-ip 198.18.134.31

exit
k8s node-labels smi.cisco.com/node-type-1 service
exit
vmware datastore compute1-local-storage
vmware host compute1.demo.dcloud.cisco.com
vmware performance latency-sensitivity normal
vmware performance memory-reservation false
vmware performance cpu-reservation false
vmware sizing ram-mb 28672
vmware sizing cpus 8
vmware sizing disk-root-gb 100
vmware sizing disk-data-gb 80
vmware sizing disk-home-gb 20
vmware nics management
exit
initial-boot netplan ethernets ens192
addresses [ 198.18.134.31/18 ]
gateway4 198.18.128.1
nameservers addresses [ 198.18.133.1 ]
exit
exit
nodes master-2
k8s ssh-ip 198.18.134.32
exit
exit
exit
addresses [ 198.18.134.32/18 ]
gateway4 198.18.128.1
exit
exit
nodes master-3
k8s ssh-ip 198.18.134.33
exit
exit

10
Scenarios

exit
addresses [ 198.18.134.33/18 ]
gateway4 198.18.128.1
exit
exit
nodes worker-1
k8s node-type worker
k8s ssh-ip 198.18.134.34
exit
exit
exit
addresses [ 198.18.134.34/18 ]
gateway4 198.18.128.1
exit
exit
nodes worker-2
k8s ssh-ip 198.18.134.35
exit
exit
exit
addresses [ 198.18.134.35/18 ]
gateway4 198.18.128.1
exit
exit
nodes worker-3
k8s ssh-ip 198.18.134.36
k8s node-labels nodetype amf-worker
exit

11
Scenarios
k8s node-labels smi.cisco.com/node-type session

exit
exit
vmware nics l2v1
exit
addresses [ 198.18.134.36/18 ]
gateway4 198.18.128.1
exit
addresses [ 10.192.4.10/27 10.192.4.11/27 ]
gateway4 10.192.4.1
exit
exit
nodes worker-4
k8s ssh-ip 198.18.134.37
k8s node-labels smi.cisco.com/node-type session
exit
k8s node-labels smi.cisco.com/node-type-1 protocol
exit
exit
vmware nics l2v1
exit
addresses [ 198.18.134.37/18 ]
gateway4 198.18.128.1
exit
addresses [ 10.192.4.15/27 10.192.4.16/27 ]
gateway4 10.192.4.1
exit
exit
ops-centers amf amf
repository-local amf.2021.02.m0.i2
sync-default-repository true
netconf-ip 198.18.134.30
netconf-port 3002

12
Scenarios
ssh-ip 198.18.134.30
ssh-port 2002
ingress-hostname 198.18.134.30.nip.io
initial-boot-parameters use-volume-claims true
initial-boot-parameters first-boot-password $8$3QpykhquNcaFA91jHBrcA69OAXro18HC9i1GJu1okVQ=
initial-boot-parameters auto-deploy false

initial-boot-parameters single-node false
exit
ops-centers cee global
repository-local cee-2020.02.1.i25
netconf-ip 198.18.134.30
netconf-port 3000
ssh-ip 198.18.134.30
ssh-port 2000
initial-boot-parameters first-boot-password $8$Vr6T49Ly6pZSKsL9OG9PbN11Oiz9joLP5aek9SGm+Qo=
initial-boot-parameters auto-deploy true

exit
ops-centers smf smf
repository-local smf.2020.02.5.i348
netconf-ip 198.18.134.30
netconf-port 3001
ssh-ip 198.18.134.30
ssh-port 2001
initial-boot-parameters first-boot-password $8$MB0MXATfXs+wXV9YbyldxiK2pM8TMaPWvARj7gw9qgI=
initial-boot-parameters auto-deploy false

exit
exit
Step 10 Enter the following command to exit back to SMI-CM.
[smi-cluster-cm-active] SMI Cluster Deployer# exit

Connection to 10.102.132.151 closed.
cloud-user@smi-cluster-cm-active:~$
Step 11 Verify that Kubernetes objects are created in the namespace cee-cm.
cloud-user@smi-cluster-cm-active:~$ kubectl get pods -n cee-cm

NAME READY STATUS RESTARTS AGE
alert-logger-76769958c9-dm482 1/1 Running 1 7d13h
alert-router-64bfd599f7-95r7s 1/1 Running 2 7d13h
alertmanager-0 1/1 Running 3 7d13h
blackbox-exporter-7nb96 1/1 Running 4 7d13h
bulk-stats-0 3/3 Running 2 7d13h
cee-cm-product-documentation-bf86b4cd8-hmn2v 2/2 Running 0 7d13h
core-retriever-pt9s9 2/2 Running 0 7d13h
documentation-546cf558b-7bjbt 1/1 Running 0 7d13h
grafana-74b777fb7-bb92s 6/6 Running 2 7d13h
grafana-dashboard-metrics-87998d4f5-hnx6h 1/1 Running 1 7d13h
kube-state-metrics-7fd65d5c96-77wkm 1/1 Running 1 7d13h
logs-retriever-b2lc5 1/1 Running 2 7d13h
node-exporter-gwdcg 1/1 Running 0 7d13h
ops-center-cee-cm-ops-center-68d5dfd59b-2hq5h 5/5 Running 2 7d13h

13
Scenarios
Verify Kubernetes Cluster
path-provisioner-n857k 1/1 Running 4 7d13h

pgpool-74994b9b6b-6gnxt 1/1 Running 3 7d13h
pgpool-74994b9b6b-pxk95 1/1 Running 1 7d13h
postgres-0 1/1 Running 1 7d13h
prometheus-hi-res-0 4/4 Running 1 7d13h
prometheus-rules-6b9985947f-j9xrk 1/1 Running 1 7d13h
prometheus-scrapeconfigs-synch-56ccb5c6d9-xckxh 1/1 Running 0 7d13h
pv-manager-767d648c98-5pr4l 1/1 Running 0 7d13h
pv-provisioner-644f55ffd7-6vsj2 1/1 Running 0 7d13h
restart-kubelet-64c2k 1/1 Running 0 7d13h
show-tac-manager-888cd7b97-lk9lr 2/2 Running 0 7d13h
smart-agent-cee-cm-ops-center-6c8df766dc-7w6mh 1/1 Running 1 7d13h
thanos-query-hi-res-db84bd999-7gqp5 2/2 Running 1 7d13h
Step 12 Enter the following command to view ingresses that are created which can be accessed directly from the
browser.
cloud-user@smi-cluster-cm-active:~$ kubectl get ingress -n cee-cm

Warning: extensions/v1beta1 Ingress is deprecated in v1.14+, unavailable in v1.22+; use
networking.k8s.io/v1 Ingress
NAME CLASS HOSTS
ADDRESS PORTS AGE
cee-cm-product-documentation-ingress <none>
docs.cee-cm-product-documentation.198.18.134.12.nip.io 198.18.134.12 80, 443 7d13h
cli-ingress-cee-cm-ops-center <none> cli.cee-cm-ops-center.198.18.134.12.nip.io
198.18.134.12 80, 443 7d13h
documentation-ingress <none>
documentation.cee-cm-ops-center.198.18.134.12.nip.io 198.18.134.12 80, 443 7d13h
grafana-ingress <none> grafana.198.18.134.12.nip.io
198.18.134.12 80, 443 7d13h
restconf-ingress-cee-cm-ops-center <none>
restconf.cee-cm-ops-center.198.18.134.12.nip.io 198.18.134.12 80, 443 7d13h
show-tac-manager-ingress <none> show-tac-manager.198.18.134.12.nip.io
198.18.134.12 80, 443 7d13h
This concludes the scenario.

Value Proposition: The Kubernetes cluster hosts the 5G workload along with the CEE. This lab cluster has
three master and four worker nodes. Service Mesh - ISTIO is installed for load balancing and CNI - Calico
is installed for pod networking. Kube-proxy is configured in IPVS mode.
Procedure

Step 2 In the Saved Sessions section of the PuTTY Configuration window, select K8s Master and click Open.
Step 3 Login with username cloud-user and password Cisco@123.
Step 4 Enter the following command to verify the Kubernetes nodes.
cloud-user@5g-master-1:~$ kubectl get nodes

14
Scenarios
NAME STATUS ROLES AGE VERSION

5g-master-1 Ready master 7d15h v1.19.2
5g-worker-1 Ready <none> 7d15h v1.19.2
Step 5 Enter the following command to verify the namespaces created. Dedicated namespaces are created for CEE,
AMF and SMF.
cloud-user@5g-master-1:~$ kubectl get ns

NAME STATUS AGE
amf-amf Active 2d7h
cee-global Active 7d15h
default Active 7d15h
istio-system Active 7d15h
kube-node-lease Active 7d15h
kube-public Active 7d15h
kube-system Active 7d15h
nginx-ingress Active 7d15h
registry Active 7d15h
smf-smf Active 7d15h
smi-certs Active 7d15h
smi-node-label Active 7d15h
smi-secure-access Active 7d15h
smi-vips Active 7d15h
Note This setup is pre-configured. When you start a new instance of this lab, it is observed that few pods
are scheduled even before all Kubernetes nodes are ready. These pods are stuck in the “NodeAffinity”
state. There is no impact as the pod is created again. You can ignore pods in “NodeAffinity” state.
cloud-user@5g-master-1:~$ kubectl get pods -n amf-amf | grep api-amf-amf-ops-center
api-amf-amf-ops-center-6f75dc8b64-pl8l7 0/1 NodeAffinity 0 6d22h
api-amf-amf-ops-center-6f75dc8b64-vfwx8 1/1 Running 0 37h
Step 6 Enter the following command to view charts and registry that are created for on-boarding CEE, AMF, and
SMF.
cloud-user@5g-master-1:~$ kubectl get pods -n registry

charts-amf-2021-02-m0-i2-0 1/1 Running 0 2d7h
charts-amf-2021-02-m0-i2-3 1/1 Running 0 25h
charts-cee-2020-02-1-i25-0 1/1 Running 0 6d21h
charts-cee-2020-02-1-i25-4 1/1 Running 0 25h
charts-smf-2020-02-5-i348-0 1/1 Running 0 6d6h
charts-smf-2020-02-5-i348-4 1/1 Running 0 25h
registry-amf-2021-02-m0-i2-0 1/1 Running 0 2d7h

15
Scenarios
registry-amf-2021-02-m0-i2-3 1/1 Running 0 25h

registry-cee-2020-02-1-i25-0 1/1 Running 0 6d21h
registry-cee-2020-02-1-i25-4 1/1 Running 0 25h
registry-smf-2020-02-5-i348-0 1/1 Running 0 25h
registry-smf-2020-02-5-i348-1 1/1 Running 0 6d6h
Step 7 Enter the following command to confirm that CNI – Calico is installed on all the nodes.
cloud-user@5g-master-1:~$ kubectl get pods -n kube-system -o wide | grep calico

calico-kube-controllers-5d7fff4bc6-kb2vf 1/1 Running 13 7d7h 28.0.35.43
5g-worker-4 <none> <none>
calico-node-5mhtw 1/1 Running 1 7d15h 198.18.134.34
calico-node-hh9gd 1/1 Running 1 7d15h 198.18.134.36
calico-node-hmbn4 1/1 Running 1 7d15h 198.18.134.32
5g-master-2 <none> <none>
calico-node-jps76 1/1 Running 1 7d15h 198.18.134.35
calico-node-nztt5 1/1 Running 1 7d15h 198.18.134.31
calico-node-px8kw 1/1 Running 1 7d15h 198.18.134.33
calico-node-vf2vh 1/1 Running 1 7d15h 198.18.134.37
Step 8 Enter the following command to verify the labels on nodes. Labels are key value pair to identify and select
the Kubernetes objects. These labels are pushed from the SMI-CM. These labels are used to control the pods
scheduling.
cloud-user@5g-master-1:~$ kubectl get nodes --show-labels

NAME STATUS ROLES AGE VERSION LABELS
beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=5g-master-1,kubernetes.io/os=linux,node-role.kubernetes.io/master=,smi.cisco.com/node-type-1=service,smi.cisco.com/node-type=oam
beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=5g-worker-1,kubernetes.io/os=linux,smi.cisco.com/node-type-1=service,smi.cisco.com/node-type=oam
beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=5g-worker-2,kubernetes.io/os=linux,smi.cisco.com/node-type-1=service,smi.cisco.com/node-type=oam
beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=5g-worker-3,kubernetes.io/os=linux,nodetype=amf-worker,smi.cisco.com/node-type=session,smi.cisco.com/nodetype=amf-worker
beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=5g-worker-4,kubernetes.io/os=linux,smi.cisco.com/node-type-1=protocol,smi.cisco.com/node-type=session

16
Scenarios
CEE - Common Execution Environment

Value Proposition: CEE provides functionalities like metrics collection based on Prometheus, metrics
visualization based on Grafana dashboard, bulk statistics, alerting based on Prometheus Alert Manager, log
monitoring using kubetail, log forwarding, and gather TAC debug package.
Procedure
Step 1 Login to the CEE Ops-Center.
cloud-user@5g-master-1:~$ kubectl get svc -n cee-global | grep 2024

ops-center-cee-global-ops-center ClusterIP 10.111.23.114 <none>
8008/TCP,8080/TCP,2024/TCP,2022/TCP,7681/TCP 7d15h
cloud-user@5g-master-1:~$
Step 2 Enter the following commands to view the CEE config. Some sample alert rules are created.
cloud-user@5g-master-1:~$ ssh -p 2024 admin@10.111.23.114

Warning: Permanently added '[10.111.23.114]:2024' (RSA) to the list of known hosts.
Welcome to the cee CLI on 5g/global
ops-center-cee-global-ops-center-cfcb95d56-vg2xs
[5g/global] cee# show running-config
alerts rules group SMFSvcStatus
interval-seconds 300
rule N11_SM_CREATE_SR
expression "sum by (namespace)
(increase(smf_restep_http_msg_total{api_name=\"amf_create_sm_context\",
message_direction=\"inbound\", response_status=\"201\"}[5m])) / sum by (namespace)
(increase(smf_restep_http_msg_total{api_name=\"amf_create_sm_context\",
message_direction=\"inbound\"}[5m])) < 0.80"
severity major
type "Communications Alarm"
annotation summary
value "This alert is fired when the percentage of amf_create_sm_context responses sent
is lesser threshold"
exit
exit
rule N11_SM_RELEASE_SR
(increase(smf_restep_http_msg_total{api_name=\"amf_release_sm_context\",
(increase(smf_restep_http_msg_total{api_name=\"amf_release_sm_context\",
severity major
annotation summary
value "This alert is fired when the percentage of amf_release_sm_context responses sent
exit
exit
rule N1N2_MSG_TRANSFER_SR
(increase(smf_restep_http_msg_total{api_name=\"amf_n1_n2_transfer\",

17
Scenarios
message_direction=\"outbound\", response_status=~\"200|202|409\"}[5m])) / sum by (namespace)

(increase(smf_restep_http_msg_total{api_name=\"amf_n1_n2_transfer\",
message_direction=\"outbound\"}[5m])) < 0.50"
severity major
annotation summary
value "This alert is fired when the percentage of amf_n1_n2_transfer responses received
exit
exit
rule N40_CHARGING_DATA_NOTIFY_SR
(increase(smf_restep_http_msg_total{api_name=\"chf_abort_notify\",
(increase(smf_restep_http_msg_total{api_name=\"chf_abort_notify\",
severity major
annotation summary
value "This alert is fired when the percentage of chf_abort_notify responses sent is
lesser threshold"
exit
exit
rule N40_CHARGING_DATA_REQUEST_SR
(increase(smf_restep_http_msg_total{api_name=\"chf_charging_data_request\",
message_direction=\"outbound\", response_status=~\"200|201|204\"}[5m])) / sum by (namespace)
(increase(smf_restep_http_msg_total{api_name=\"chf_charging_data_request\",
message_direction=\"outbound\"}[5m])) < 0.80"
severity major
annotation summary
value "This alert is fired when the percentage of chf_charging_data_request responses
received is lesser threshold"
exit
exit
exit
bulk-stats enable true
bulk-stats user dcloud
bulk-stats external-ip 1.1.1.1
bulk-stats external-port 22
system mode running
helm default-repository base-repos
helm repository base-repos
url https://charts.198.18.134.30.nip.io/cee-2020.02.1.i25
exit
k8s name 5g
k8s namespace cee-global
k8s nf-name cee
k8s registry docker.198.18.134.30.nip.io/cee-2020.02.1.i25
k8s single-node false
k8s use-volume-claims true
k8s ingress-host-name 198.18.134.30.nip.io
k8s nodes 5g-master-1
node-type master
worker-type master
exit
node-type master
worker-type master
exit
node-type master
worker-type master

18
Scenarios
exit
k8s nodes 5g-worker-1
node-type worker
worker-type worker
exit
node-type worker
worker-type worker
exit
node-type worker
worker-type worker
exit
node-type worker
worker-type worker
exit
Step 3 Enter the following command to exit CEE.
[5g/global] cee# exit

Step 4 Check the CEE pods created for log collection, alerts, bulkstats, Grafana, and so on.
cloud-user@5g-master-1:~$ kubectl get pods -n cee-global

alert-logger-776f89974c-xlvrw 1/1 Running 9 6d22h
alert-router-66fc58985c-bvm8z 1/1 Running 0 6d11h
alertmanager-1 1/1 Running 0 26h
blackbox-exporter-dtrqz 1/1 Running 1 7d15h
blackbox-exporter-lsvgg 1/1 Running 1 7d15h
blackbox-exporter-mxfb6 1/1 Running 1 7d15h
blackbox-exporter-mz7k2 1/1 Running 1 7d15h
blackbox-exporter-pflnp 1/1 Running 1 7d15h
bulk-stats-0 3/3 Running 0 2m46s
bulk-stats-1 3/3 Running 0 3m34s
cee-global-product-documentation-7f5b487cb-x95mw 2/2 Running 0 6d11h
core-retriever-29rmq 2/2 Running 2 7d15h
core-retriever-2b5cn 2/2 Running 2 7d15h
core-retriever-98df9 2/2 Running 2 7d15h
core-retriever-br8lm 2/2 Running 2 7d15h
core-retriever-dnmw9 2/2 Running 2 7d15h
core-retriever-h5cdr 2/2 Running 2 7d15h
core-retriever-h8vbl 2/2 Running 2 7d15h
documentation-857645bc5f-rb2vp 1/1 Running 0 6d8h
grafana-65b6b6b554-qbm2z 6/6 Running 223 4d23h
grafana-dashboard-metrics-6f6cdcff58-rdhjj 1/1 Running 0 6d6h
kube-state-metrics-5d5f9b54c5-b7ljl 1/1 Running 0 6d8h
logs-retriever-6d5k9 1/1 Running 1 7d15h
logs-retriever-8bmqh 1/1 Running 1 7d15h
logs-retriever-lm4h9 1/1 Running 1 7d15h
logs-retriever-sll6m 1/1 Running 1 7d15h
logs-retriever-snqx9 1/1 Running 1 7d15h
logs-retriever-tqhdp 1/1 Running 1 7d15h
logs-retriever-xqrgq 1/1 Running 1 7d15h
node-exporter-2vtgm 1/1 Running 1 7d15h
node-exporter-5bqmk 1/1 Running 1 7d15h
node-exporter-bf9z6 1/1 Running 1 7d15h
node-exporter-gx7wt 1/1 Running 1 7d15h

19
Scenarios
node-exporter-mgjwx 1/1 Running 1 7d15h

node-exporter-sbdxc 1/1 Running 1 7d15h
node-exporter-t62qj 1/1 Running 1 7d15h
ops-center-cee-global-ops-center-cfcb95d56-vg2xs 5/5 Running 0 6d22h
path-provisioner-2wrjv 1/1 Running 1 7d15h
path-provisioner-b67bq 1/1 Running 1 7d15h
path-provisioner-b7754 1/1 Running 1 7d15h
path-provisioner-bnx8n 1/1 Running 1 7d15h
path-provisioner-fkpsc 1/1 Running 1 7d15h
path-provisioner-hckwk 1/1 Running 1 7d15h
path-provisioner-k46xt 1/1 Running 1 7d15h
pgpool-6fdcb9d785-5qfpn 1/1 Running 14 6d22h
pgpool-6fdcb9d785-vwvwm 1/1 Running 0 26h
postgres-1 1/1 Running 0 26h
prometheus-hi-res-1 4/4 Running 0 26h
prometheus-rules-8494c864bb-fnk4x 1/1 Running 0 6d11h
prometheus-scrapeconfigs-synch-b47dd89b9-v6w7q 1/1 Running 1 7d15h
pv-manager-86b8fc598d-hsnt9 1/1 Running 0 6d22h
pv-provisioner-565c845f86-kgrmd 1/1 Running 0 6d22h
restart-kubelet-5bpr9 1/1 Running 1 7d15h
restart-kubelet-6cnv7 1/1 Running 1 7d15h
restart-kubelet-bzzhc 1/1 Running 1 7d15h
restart-kubelet-f42q5 1/1 Running 1 7d15h
restart-kubelet-n7tz9 1/1 Running 1 7d15h
restart-kubelet-qpq6d 1/1 Running 1 7d15h
restart-kubelet-x8jhf 1/1 Running 1 7d15h
show-tac-manager-5f4b6dc8f6-c6cch 2/2 Running 0 6d22h
smart-agent-cee-global-ops-center-5b49b76f9-w9d2l 1/1 Running 0 6d8h
thanos-query-hi-res-8479cfb7b6-75drw 2/2 Running 0 26h
thanos-query-hi-res-8479cfb7b6-khwgr 2/2 Running 0 6d22h
thanos-query-hi-res-8479cfb7b6-pdcxt 2/2 Running 0 4d23h
Step 5 Enter the following command to view the ingresses created for Grafana and documentation. The TAC debug
package can be directly accessed from a browser.
cloud-user@5g-master-1:~$ kubectl get ingress -n cee-global

Warning: extensions/v1beta1 Ingress is deprecated in v1.14+, unavailable in v1.22+; use
networking.k8s.io/v1 Ingress
NAME CLASS HOSTS
ADDRESS PORTS AGE
cee-global-product-documentation-ingress <none>
docs.cee-global-product-documentation.198.18.134.30.nip.io
198.18.134.33,198.18.134.34,198.18.134.35 80, 443 7d16h
cli-ingress-cee-global-ops-center <none>
cli.cee-global-ops-center.198.18.134.30.nip.io
198.18.134.33,198.18.134.34,198.18.134.35 80, 443 7d16h
documentation-ingress <none>
documentation.cee-global-ops-center.198.18.134.30.nip.io
198.18.134.33,198.18.134.34,198.18.134.35 80, 443 7d16h
grafana-ingress <none> grafana.198.18.134.30.nip.io
198.18.134.33,198.18.134.34,198.18.134.35 80, 443 7d16h
restconf-ingress-cee-global-ops-center <none>
restconf.cee-global-ops-center.198.18.134.30.nip.io
198.18.134.33,198.18.134.34,198.18.134.35 80, 443 7d16h
show-tac-manager-ingress <none> show-tac-manager.198.18.134.30.nip.io
198.18.134.33,198.18.134.34,198.18.134.35 80, 443 7d16h
Step 6 On the remote desktop, launch Chrome and navigate to https://grafana.198.18.134.30.nip.io.

20
Scenarios
Step 7 If a warning page pops up, click Advanced. Then click Proceed to grafana.
Step 8 Login to Grafana with username admin, password Cisco@123.
Step 9 In Grafana’s left pane menu, select the Dashboards icon, then select Manage.
Step 10 In the Dashboards list, select smf-smf. Then select 5G LAUNCH DASHBOARD.

21
Scenarios
AMF - Access and Mobility Management Function
Step 11 After some 5G sessions have run, you would see call statistics on this dashboard. Your display may vary
depending on how many sessions are up.

Value Proposition: AMF is based on a three-tier architecture with protocol, service, and session. Rest-ep
handles SBI transactions, sctp-ep handles gNB association, and protocol-ep handles GTP messages on the
n26 interface. AMF is not integrated with MME in this lab.
Note If any pod is in CrashLoopBackOff state, refer to Appendix A in this document for the failure recovery
procedure.
Procedure
Step 1 Go back to the K8s Master PuTTY session. Enter the following command to check the AMF pods.
cloud-user@5g-master-1:~$ kubectl get pods -n amf-amf

amf-amf-amf-protocol-ep-df7f4768f-wcxj7 1/1 Running 0 9h
amf-amf-amf-rest-ep-0 1/1 Running 0 9h
amf-amf-amf-sctp-lb-64489b5776-fhdvc 1/1 Running 0 9h
amf-amf-amf-service-0 1/1 Running 2 2d4h
api-amf-amf-ops-center-6f75dc8b64-l4zrv 1/1 Running 0 2d7h
base-entitlement-amf-7b95557655-4jk9r 1/1 Running 0 2d7h
cache-pod-0 1/1 Running 0 9h
cache-pod-1 1/1 Running 0 2d4h
cdl-ep-session-c1-d0-6fcf9b54cb-gkcpx 1/1 Running 0 9h

22
Scenarios
cdl-index-session-c1-m1-0 1/1 Running 0 9h

cdl-slot-session-c1-m1-0 1/1 Running 0 9h
documentation-7fdd6cdf9d-cwgd7 1/1 Running 0 2d7h
etcd-amf-amf-etcd-cluster-0 2/2 Running 0 2d4h
grafana-dashboard-amf-6db77f56b9-t7pwn 1/1 Running 0 9h
grafana-dashboard-app-infra-7c9b9bd78-6v5mq 1/1 Running 0 2d4h
grafana-dashboard-cdl-75f947f7f5-q5f4h 1/1 Running 0 2d4h
kafka-0 1/1 Running 0 2d4h
oam-pod-0 1/1 Running 0 2d4h
ops-center-amf-amf-ops-center-698d7f7c59-hnnv6 5/5 Running 2 26h
prometheus-rules-cdl-5f7d478649-swt52 1/1 Running 0 2d4h
smart-agent-amf-amf-ops-center-7d958dc8c-fvbwr 1/1 Running 0 2d7h
swift-amf-amf-ops-center-6c6b5f6bbf-2ncfl 1/1 Running 0 2d7h
zookeeper-0 1/1 Running 0 2d4h
Step 2 Check the AMF services.
cloud-user@5g-master-1:~$ kubectl get svc -n amf-amf

NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S)
AGE
amf-protocol-ep ClusterIP 10.97.244.231 <none>
9003/TCP,8080/TCP 2d4h
amf-rest-ep ClusterIP 10.97.30.108 <none>
9003/TCP,8080/TCP,9201/TCP 2d4h
amf-sbi-service ClusterIP 10.105.49.252 10.192.4.10 8090/TCP
2d4h
amf-service ClusterIP 10.108.93.37 <none>
9003/TCP,8080/TCP 2d4h
base-entitlement-amf ClusterIP 10.111.8.125 <none> 8000/TCP
2d7h
datastore-ep-session ClusterIP 10.110.184.94 <none> 8882/TCP
2d4h
datastore-notification-ep ClusterIP 10.105.17.201 <none> 8890/TCP
2d4h
datastore-tls-ep-session ClusterIP 10.109.220.225 <none> 8883/TCP
2d4h
documentation ClusterIP 10.98.166.38 <none> 8080/TCP
2d7h
etcd ClusterIP None <none>
2379/TCP,7070/TCP 2d4h
etcd-amf-amf-etcd-cluster-0 ClusterIP 10.108.144.157 <none>
2380/TCP,2379/TCP 2d4h
grafana-dashboard-amf ClusterIP 10.97.180.81 <none> 9418/TCP
2d4h
grafana-dashboard-app-infra ClusterIP 10.101.158.28 <none> 9418/TCP
2d4h
grafana-dashboard-cdl ClusterIP 10.110.35.56 <none> 9418/TCP
2d4h
helm-api-amf-amf-ops-center ClusterIP 10.105.20.151 <none> 3000/TCP
2d7h
kafka ClusterIP None <none>
9092/TCP,9083/TCP,7070/TCP 2d4h
local-ldap-proxy-amf-amf-ops-center ClusterIP 10.97.65.217 <none>
636/TCP,369/TCP 2d7h
netconf-ops-center-amf-amf-ops-center ClusterIP 10.96.145.221 198.18.134.30 3002/TCP
2d7h
oam-pod ClusterIP 10.103.160.105 <none>
9008/TCP,7001/TCP,8879/TCP,10080/TCP 2d4h
ops-center-amf-amf-ops-center ClusterIP 10.97.66.34 <none>
prometheus-rules-cdl ClusterIP None <none> 9419/TCP
2d4h
smart-agent-amf-amf-ops-center ClusterIP 10.108.100.221 <none> 8888/TCP

23
Scenarios
2d7h
ssh-ops-center-amf-amf-ops-center ClusterIP 10.100.129.168 198.18.134.30 2002/TCP
2d7h
swift-amf-amf-ops-center ClusterIP 10.96.105.217 <none>
9855/TCP,50055/TCP,56790/TCP 2d7h
zookeeper ClusterIP None <none>
2888/TCP,3888/TCP 2d4h
zookeeper-service ClusterIP 10.102.94.13 <none>
2181/TCP,7070/TCP 2d4h
Step 3 Enter the following command to login to the AMF Ops-center.
cloud-user@5g-master-1:~$ kubectl get svc -n amf-amf | grep 2024

Note The below labels are configured in the Day-1 config which is used for the pod scheduling on specific
nodes. Nodes are already configured with the labels. Pod labels are used for node selection.
cdl datastore session

k8 label protocol-layer key nodetype value amf-worker
k8 label service-layer key smi.cisco.com/node-type-1 value service
k8 label oam-layer key smi.cisco.com/node-type value oam
Step 4 Check the AMF Day-1 config

Welcome to the amf CLI on 5g/amf
admin connected from 28.0.122.128 using ssh on ops-center-amf-amf-ops-center-698d7f7c59-hnnv6
[5g/amf] amf# show running-config | nomore
group nf-mgmt NFMGMT1
nrf-mgmt-group MGMT
locality LOC1
heartbeat interval 40
exit
group nrf discovery disc
service type nrf nnrf-disc
endpoint-profile
name disc-prof
uri-scheme http
endpoint-name disc-1
primary ip-address ipv4 10.192.4.5
primary ip-address port 8082
exit
exit
exit
exit
group nrf mgmt MGMT
service type nrf nnrf-nfm
endpoint-profile
name mgmt-prof
uri-scheme http
endpoint-name mgmt-1
exit
exit
exit

24
Scenarios
exit
cdl node-type session
cdl deployment-model small
cdl zookeeper replica 1
endpoint replica 1
index replica 1
index map 1
index write-factor 1
slot replica 1
slot map 1
slot write-factor 1
exit
cdl kafka replica 1
etcd replicas 1
amf-global
amf-name AMF
call-control-policy local
disable-init-csr-reg false
am-policy skip true
disable-rfsp-pcf true
enable-auth-svc-req true
enable-guti-realloc-service-req true
default-slice name s1 sst 1 sdt 000001
timers t3550 value 5
timers t3550 retry 3
timers tguard value 30
timers tidle value 60
security-algo 1 ciphering-algo 5G-EA0
security-algo 1 integity-prot-algo 5G-IA0
exit
dnn-policy cisco.com
network-element-profile-list smf smf1
exit
operator-policy local
ccp-name local
network-element-profile-list ausf ausf1
network-element-profile-list smf smf1
network-element-profile-list pcf pcf1
network-element-profile-list udm udm1
network-element-profile-list nssf nssf1
exit
exit
profile network-element pcf pcf1
nf-client-profile PP1
failure-handling-profile FH1
query-params [ target-plmn ]
exit
profile network-element udm udm1
nf-client-profile UP1
exit
profile network-element ausf ausf1
nf-client-profile AUP1
exit
profile network-element smf smf1
nf-client-profile SMF1

25
Scenarios
query-params [ dnn ]
exit
profile nf-client nf-type ausf
ausf-profile AUP1
locality LOC1
priority 30
service name type nausf-auth
endpoint-profile EP1
capacity 30
uri-scheme http
endpoint-name EP1
priority 56
exit
exit
exit
exit
exit
exit
profile nf-client nf-type udm
udm-profile UP1
locality LOC1
service name type nudm-sdm
capacity 30
uri-scheme http
version
uri-version v2
exit
exit
endpoint-name EP1
exit
exit
exit
service name type nudm-uecm
capacity 30
uri-scheme http
endpoint-name EP1
exit
exit
exit
exit
exit
exit
profile nf-client nf-type pcf
pcf-profile PP1
locality LOC1
priority 30
service name type npcf-am-policy-control
capacity 30
uri-scheme http
endpoint-name EP1
priority 56
exit

26
Scenarios
exit
exit
exit
exit
exit
profile nf-client nf-type smf
smf-profile SMF1
locality LOC1
priority 56
service name type nsmf-pdusession
capacity 30
priority 30
uri-scheme http
endpoint-name EP1
priority 30
exit
exit
exit
exit
exit
exit
profile nf-pair nf-type NRF
nrf-discovery-group disc
locality client LOC1
locality preferred-server LOC1
locality geo-server GEO
exit
profile nf-pair nf-type UDM
exit
profile nf-pair nf-type SMF
exit
profile nf-pair nf-type AUSF
exit
profile nf-pair nf-type PCF
exit
profile nf-pair nf-type NSSF
exit
profile nf-client-failure nf-type udm
profile failure-handling FH1
exit
exit

27
Scenarios
exit
profile nf-client-failure nf-type pcf
service name type npcf-am-policy-control
message type PcfAmfPolicyControlCreate
status-code httpv2 0
action continue
exit
action continue
exit
action continue
exit
exit
exit
exit
exit
exit
exit
amf-services amf1
amf-name AMF
locality LOC1
operator-policy-name local
guamis mcc 125 mnc 225 region-id 1 set-id 2 pointer 3
tai-groups amf
exit
slices name s1
sst 1
sdt 000001
exit
exit
tai-group name amf
tais name tais
mcc 125 mnc 225
tac list [ 10 20 30 ]
exit
exit
exit
endpoint sbi
vip-ip 10.192.4.10
exit
endpoint sctp
vip-ip 10.192.4.11 vip-port 1000
exit
endpoint service
replicas 1
exit
endpoint ngap
exit
logging level application debug
logging level transaction debug
logging level tracing off
logging name infra.config.core level application trace
logging name infra.config.core level transaction trace
logging name infra.config.core level tracing off
logging name infra.message_log.core level transaction trace
logging name infra.resource_monitor.core level application warn
logging name infra.resource_monitor.core level transaction warn
deployment
app-name amf1
cluster-name cisco

28
Scenarios
SMF - Session Management Function
dc-name dcloud
model small
exit
k8 label protocol-layer key nodetype value amf-worker
exit
exit
exit
system mode running
url https://charts.198.18.134.30.nip.io/amf.2021.02.m0.i2
exit
k8s name 5g
k8s namespace amf-amf
k8s nf-name amf
k8s registry docker.198.18.134.30.nip.io/amf.2021.02.m0.i2
Step 5 Enter exit to return to the K8s Master prompt.
[5g/amf] amf# exit


Value Proposition: SMF is based on a three-tier architecture with protocol, service and session. Rest-ep handles
SBI transactions, gtp-ep handles GTP messages on S5 and, protocol-ep handles PFCP messages on n4 interface.
SMF is not integrated with SGW in this lab.
Procedure
Step 1 On the K8s Master PuTTY session, enter the following command to check the SMF pods.
cloud-user@5g-master-1:~$ kubectl get pods -n smf-smf

api-smf-smf-ops-center-6ff89fc78-rftpc 1/1 Running 0 6d8h
base-entitlement-smf-7fc7f45657-v5w8d 2/2 Running 0 6d11h
cache-pod-0 1/1 Running 0 9h
cache-pod-1 1/1 Running 0 2d10h
cdl-ep-session-c1-9677c756c-5s9gp 1/1 Running 0 9h
cdl-index-session-c1-m1-0 1/1 Running 0 9h
cdl-slot-session-c1-m1-0 1/1 Running 0 9h
documentation-6b548587d6-8g56x 1/1 Running 0 6d11h
etcd-smf-smf-etcd-cluster-0 2/2 Running 0 2d10h
grafana-dashboard-app-infra-c9644b9bd-4kmff 1/1 Running 0 2d10h
grafana-dashboard-cdl-7d5d98f697-6bc7l 1/1 Running 0 2d10h
grafana-dashboard-smf-695cdb6565-6lbpb 2/2 Running 0 2d10h
kafka-0 1/1 Running 0 9h

29
Scenarios
oam-pod-0 1/1 Running 0 2d10h

ops-center-smf-smf-ops-center-9c58fc744-d69pn 5/5 Running 2 6d8h
smart-agent-smf-smf-ops-center-667dc86b85-z6tbv 1/1 Running 0 6d8h
smf-nodemgr-n0-0 2/2 Running 2 2d10h
smf-protocol-n0-0 2/2 Running 0 2d10h
smf-rest-ep-n0-0 2/2 Running 0 2d10h
smf-service-n0-0 2/2 Running 4 2d10h
smf-udp-proxy-0 1/1 Running 0 2d10h
swift-smf-smf-ops-center-5d86d59dc7-qznt2 1/1 Running 0 6d8h
zookeeper-0 1/1 Running 0 2d10h
Step 2 Enter the following command to check the SMF services.
cloud-user@5g-master-1:~$ kubectl get svc -n smf-smf

NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S)
AGE
base-entitlement-smf ClusterIP 10.108.107.42 <none> 8000/TCP
7d16h
datastore-ep-session ClusterIP 10.110.227.55 <none> 8882/TCP
2d10h
datastore-notification-ep ClusterIP 10.107.114.37 <none> 8890/TCP
2d10h
datastore-tls-ep-session ClusterIP 10.101.37.203 <none> 8883/TCP
2d10h
documentation ClusterIP 10.106.44.145 <none> 8080/TCP
7d16h
etcd ClusterIP None <none>
2379/TCP,7070/TCP 2d10h
etcd-smf-smf-etcd-cluster-0 ClusterIP 10.101.223.39 <none>
2380/TCP,2379/TCP 2d10h
grafana-dashboard-app-infra ClusterIP 10.108.10.87 <none> 9418/TCP
2d10h
grafana-dashboard-cdl ClusterIP 10.106.42.94 <none> 9418/TCP
2d10h
grafana-dashboard-smf ClusterIP 10.109.211.39 <none> 9418/TCP
2d10h
helm-api-smf-smf-ops-center ClusterIP 10.104.97.36 <none> 3000/TCP
7d16h
kafka ClusterIP None <none>
9092/TCP,7070/TCP 2d10h
local-ldap-proxy-smf-smf-ops-center ClusterIP 10.107.81.15 <none>
636/TCP,369/TCP 7d16h
netconf-ops-center-smf-smf-ops-center ClusterIP 10.108.16.222 198.18.134.30 3001/TCP
7d16h
oam-pod ClusterIP 10.107.173.220 <none>
9008/TCP,7001/TCP,8879/TCP,10080/TCP 2d10h
ops-center-smf-smf-ops-center ClusterIP 10.100.193.137 <none>
smart-agent-smf-smf-ops-center ClusterIP 10.111.8.57 <none> 8888/TCP
7d16h
smf-nodemgr ClusterIP 10.111.101.40 <none>
9003/TCP,8884/TCP,9201/TCP,8080/TCP 2d10h
smf-protocol ClusterIP 10.103.50.48 <none>
9003/TCP,8080/TCP 2d10h
smf-rest-ep ClusterIP 10.102.53.124 <none>
9003/TCP,8080/TCP,9201/TCP 2d10h
smf-sbi-service ClusterIP 10.101.2.30 10.192.4.15 8090/TCP
2d10h
smf-service ClusterIP 10.97.66.250 <none>
9003/TCP,8080/TCP 2d10h
ssh-ops-center-smf-smf-ops-center ClusterIP 10.111.184.207 198.18.134.30 2001/TCP
7d16h
swift-smf-smf-ops-center ClusterIP 10.98.43.94 <none>

30
Scenarios
9855/TCP,50055/TCP,56790/TCP 7d16h
zookeeper ClusterIP None <none>
2888/TCP,3888/TCP 2d10h
zookeeper-service ClusterIP 10.104.202.230 <none>
2181/TCP,7070/TCP 2d10h
Step 3 Enter the following command to login to SMF Ops-center.
cloud-user@5g-master-1:~$ kubectl get svc -n smf-smf | grep 2024

ops-center-smf-smf-ops-center ClusterIP 10.100.193.137 <none>
Note The below labels are configured in the Day-1 config which is used for the pod scheduling on specific
nodes. Nodes are already configured with the labels. Pod labels are used for node selection.

k8 label protocol-layer key smi.cisco.com/node-type-1 value protcol
Step 4 Now we will check the SMF config.

Welcome to the smf CLI on 5g/smf
admin connected from 28.0.122.128 using ssh on ops-center-smf-smf-ops-center-9c58fc744-d69pn
[5g/smf] smf# show running-config | nomore
ipam
source local
address-pool poolv4
vrf-name ISP
tags
dnn cisco.com
exit
ipv4
split-size
per-cache 1024
per-dp 256
exit
address-range 11.11.1.1 11.11.1.254
exit
exit
address-pool poolv6
vrf-name ISP
tags
dnn cisco.com
exit
ipv6
prefix-ranges
prefix-range 2001:4870:e00b:1700:: length 56
exit
exit
exit
exit
group nf-mgmt NFMGMT1
nrf-mgmt-group MGMT
locality LOC1
exit
group nrf discovery disc

31
Scenarios
service type nrf nnrf-disc

endpoint-profile
name epprof
uri-scheme http
version
uri-version v1
full-version 1.1.1.[1]
exit
exit
endpoint-name endpointName
priority 1
capacity 100
exit
exit
exit
exit
group nrf mgmt MGMT
service type nrf nnrf-nfm
endpoint-profile
name mgmt-1
uri-scheme http
endpoint-name mgmt-1
exit
exit
exit
exit
cdl node-type session
cdl deployment-model small
cdl zookeeper replica 1
endpoint replica 1
index replica 1
index map 1
index write-factor 1
slot replica 1
slot map 1
slot write-factor 1
exit
cdl kafka replica 1
etcd replicas 1
endpoint nodemgr
replicas 1
nodes 1
exit
endpoint pfcp
replicas 1
nodes 1
vip-ip 10.192.4.16
exit
endpoint service
replicas 1
nodes 1
exit
endpoint protocol
replicas 1
nodes 1
vip-ip 10.192.4.16
exit
endpoint sbi
replicas 1

32
Scenarios
nodes 1
vip-ip 10.192.4.15
exit
logging level application trace
logging level transaction trace
logging level tracing off
logging name infra.config.core level application debug
logging name infra.config.core level transaction warn
logging name infra.config.core level tracing warn
logging name infra.resource_monitor.core level application warn
logging name infra.resource_monitor.core level transaction warn
deployment
app-name smf1
cluster-name cisco
dc-name dcloud
model small
exit
k8 label protocol-layer key smi.cisco.com/node-type-1 value protocol
exit
exit
exit
k8 smf local etcd endpoint host etcd
k8 smf local etcd endpoint port 2379
k8 smf local datastore-endpoint datastore-ep-session:8882
system mode running
url https://charts.198.18.134.30.nip.io/smf.2020.02.5.i348
exit
k8s name 5g
k8s namespace smf-smf
k8s nf-name smf
k8s registry docker.198.18.134.30.nip.io/smf.2020.02.5.i348
profile dnn cisco.com
dns primary ipv4 11.11.1.1
dns primary ipv6 66:66:1::aa
dns secondary ipv4 22.22.2.2
dns secondary ipv6 66:66:2::bb
network-element-profiles chf chf1
network-element-profiles amf amf1
network-element-profiles pcf pcf1
network-element-profiles udm udm1
dnn cisco.com network-function-list [ upf ]
charging-profile chgprf1
virtual-mac b6:6d:47:47:47:47
pcscf-profile pcscf1
ssc-mode 1
session type IPV4 allowed [ IPV4V6 ]
upf apn cisco.com
exit
profile charging chgprf1
method [ offline ]
limit volume 10000
limit duration 60
tight-interworking-mode true
reporting-level online rating-group
reporting-level offline service-id
exit
profile pcscf pcscf1

33
Scenarios
v4-list
precedence 3
primrary 3.3.3.1
secondary 3.3.3.2
exit
exit
v6-list
precedence 3
primrary 33:33::1
secondary 33:33::2
exit
exit
v4v6-list
precedence 3
primrary ipv4 46.46.33.1
primrary ipv6 46:46:33::1
secondary ipv4 46.46.33.2
secondary ipv6 46:46:33::2
exit
exit
exit
profile charging-characteristics 1
charging-profile chgprf1
exit
profile icmpv6 icmpprf1
options virtual-mac b6:6d:57:45:45:45
exit
profile smf smf1
locality LOC1
fqdn 5gc.mnc225.mcc125.3gppnetwork.org
allowed-nssai [ slice1 ]
plmn-id mcc 125
plmn-id mnc 225
service name nsmf-pdu
type pdu-session
schema http
version 1.Rn.0.0
http-endpoint base-url http://smf-service
icmpv6-profile icmpprf1
compliance-profile Jun19
access-profile access1
subscriber-policy polSub
exit
exit
profile compliance Jun19
service nsmf-pdusession
version uri v1
version full 1.0.0
version spec 15.4.0
exit
service namf-comm
version uri v1
version full 1.0.0
version spec 15.4.0
exit
service n1
version uri v1
version full 1.0.0
version spec 15.4.0
exit
service n2
version uri v1
version full 1.0.0
version spec 15.4.0

34
Scenarios
exit
service nudm-sdm
version uri v1
version full 1.0.0
version spec 15.4.0
exit
service nudm-uecm
version uri v1
version full 1.0.0
version spec 15.4.0
exit
service nnrf-disc
version uri v1
version full 1.0.0
version spec 15.4.0
exit
service nnrf-nfm
version uri v1
version full 1.0.0
version spec 15.4.0
exit
service npcf-smpolicycontrol
version uri v1
version full 1.0.0
version spec 15.4.0
exit
service nchf-convergedcharging
version uri v1
version full 1.0.0
version spec 15.3.0
exit
exit
profile network-element amf amf1
nf-client-profile amfP1
exit
profile network-element pcf pcf1
nf-client-profile pcfP1
rulebase-prefix cbn#
predefined-rule-prefix crn#
exit
profile network-element udm udm1
nf-client-profile udmP1
exit
profile network-element upf upf1
n4-peer-address ipv4 10.192.4.20
n4-peer-port 8805
dnn-list [ cisco.com ]
exit
profile network-element chf chf1
nf-client-profile CP1
nf-client-profile-offline CP2
failure-handling-profile-offline FH2
exit
profile qos abc
ambr ul "250 Kbps"
ambr dl "500 Kbps"

35
Scenarios
qi5 7
arp priority-level 14
arp preempt-cap NOT_PREEMPT
arp preempt-vuln PREEMPTABLE
priority 120
max data-burst 2000
dscp-map qi5 2 arp-priority-level 3 uplink user-datagram dscp-marking 0x1c
dscp-map qi5 2 arp-priority-level 3 downlink user-datagram dscp-marking 0x1a encsp-header
dscp-marking 0x1b
exit
profile access access1
eps-fallback cbr delay 500 max-retry 10 timeout 3
n26 idft enable timeout 15
n2 idft enable timeout 15
exit
profile nf-client nf-type udm
udm-profile udmP1
locality LOC1
priority 30
service name type nudm-sdm
capacity 30
uri-scheme http
version
uri-version v2
exit
exit
endpoint-name EP1
exit
exit
exit
capacity 30
uri-scheme http
endpoint-name EP1
exit
exit
exit
exit
exit
exit
profile nf-client nf-type pcf
pcf-profile pcfP1
locality LOC1
priority 10
service name type npcf-smpolicycontrol
capacity 30
uri-scheme http
endpoint-name EP1
priority 5
exit
exit
exit
exit
exit
exit

36
Scenarios
profile nf-client nf-type amf

amf-profile amfP1
locality LOC1
priority 10
service name type namf-comm
capacity 20
uri-scheme http
endpoint-name EP1
priority 30
exit
exit
exit
exit
exit
exit
profile nf-client nf-type chf
chf-profile CP1
locality LOC1
priority 10
service name type nchf-convergedcharging
capacity 30
uri-scheme http
version
uri-version v2
exit
exit
endpoint-name EP1
priority 50
exit
exit
exit
exit
exit
chf-profile CP2
exit
exit
profile nf-pair nf-type UDM
exit
profile nf-pair nf-type AMF
exit
profile nf-pair nf-type PCF
exit
profile nf-pair nf-type UPF
exit
profile nf-pair nf-type CHF

37
Scenarios
exit
profile nf-client-failure nf-type pcf
service name type npcf-smpolicycontrol
message type PcfSmpolicycontrolCreate
action continue
exit
exit
exit
exit
exit
profile nf-client-failure nf-type chf
service name type nchf-convergedcharging
message type ChfConvergedchargingCreate
action continue
exit
exit
message type ChfConvergedchargingUpdate
action continue
exit
exit
exit
exit
exit
policy subscriber polSub
precedence 1
sst 01
sdt 000001
serving-plmn mcc 125
serving-plmn mnc 225
supi-start-range 100000000000001
supi-stop-range 999999999999999
gpsi-start-range 1000000000
gpsi-stop-range 9999999999
operator-policy opPol1
exit
precedence 511
operator-policy defOprPol1
exit
exit
policy operator defOprPol1
policy dnn defPolDnn
exit
policy operator opPol1
policy dnn polDnn
exit
policy dnn defPolDnn
profile default-profile
dnn cisco.com profile cisco.com
exit
policy dnn polDnn
profile default-profile
dnn cisco.com profile cisco.com
exit
nssai name slice1
sst 01

38
Scenarios
UPF - User Plane Function
sdt 000001
dnn [ cisco.com ]
exit
active-charging service ecs
charging-action ip-any
billing-action egcdr
content-id 10
service-identifier 10
exit
rulebase default
billing-records egcdr
action priority 10000 ruledef ip-any charging-action ip-any
exit
rulebase internet
exit
urr-list upf
rating-group 10 service-identifier 10 urr-id 10
exit
ruledef ip-any
ip any-match = TRUE
exit
exit
apn cisco.com
gtpp group group1
active-charging rulebase internet
exit
gtpp group group1
gtpp egcdr service-data-flow threshold interval 60
gtpp egcdr service-data-flow threshold volume downlink 100000 uplink 100000 total 200000
exit
UPF - User Plane Function

Value Proposition: UPF is based on VNF and it runs the StarOS. PFD push on Sx is disabled on UPF. SMF
doesn’t push the config to UPF. Instead, IP chunks are sent from SMF to UPF over Sx. UPF uses VPP for
fastpath.
Login to UPF
Procedure

Step 2 In the Saved Sessions section of the PuTTY Configuration window, select UPF-1. Then click Open.
Step 3 Login to UPF-1 with username admin, password Cisco@123.
Step 4 Check the UPF config. A flat network (no vlan) is used for the interfaces.
[local]UPF-1# show configuration

config

39
Scenarios
Login to UPF
cli hidden
tech-support test-commands encrypted password ***
cli test-commands encrypted password ***
license key "\
VER=1|DOI=1588623124|ISS=3|NUM=207512|CMT=SWIFT_License|LSG=2000000|LE\
C=2000000|FIS=Y|FR4=Y|FSR=Y|FPM=Y|FID=Y|FI6=Y|FLI=Y|FFA=Y|FCA=Y|FTP=Y|\
FDC=Y|FGR=Y|FAA=Y|FDQ=Y|FEL=Y|BEP=Y|FAI=Y|LCF=2000000|LPP=2000000|LGW=\
2000000|HIL=XT2|LSB=2000000|FND=Y|FRE=Y|FHE=Y|FVO=Y|FST=Y|FHH=Y|FDS=Y|\
LSE=2000000|FGD=Y|FAU=Y|FEG=Y|FCN=Y|FGO=Y|FWI=Y|FIE=Y|FNQ=Y|LCU=200000\
0|LUU=2000000|FRT=Y|FNS=Y|LNS=2000000|FUF=Y|SIG=MC0CFQC7DYNqeF8ETYV7dc\
hFnUUWZZTiwgIUa/6cRFiZ81+GIK1RfNwwVB2Ejz8"
system hostname UPF-1
autoconfirm
iftask restart-enable
require session recovery
require upf
require active-charging
ssh key-gen wait-time 0
context local
interface LOCAL1
ip address 198.18.134.40 255.255.192.0
#exit
ssh key
+
B
0
i
y
c0
e
8
h
a2
n
3
k
2
u6
d
2
k
m2
i
y
q
nk
1
r
0
p5
n
6
ij
v
g
f
l
07
8
s
p
rp
h
9
xi
0
2
sb
7
f
1
p83
n
o
0
qn
o1
x
p
j
e
be
a
0
fa
z
6
t
v5
q
o
9
hb
1
2
a5f
z
b
h
ya
s
q
0
o
l2
t
d
s
0k
5q
5
k
2
r
dk
1
gx
r
j
a
e7
2
x
2
dq
r
x
4
u
9d
r
p
3
q1
x
z
p
tu
r
e
3
rz
2
d
g
b
32
7
x
4
my
u
s
1g
l
4
5
3
n7v
w
q
g
3d
j
t
5
8g
a
x
7
d8
p
0
d
lr
j
0
d
u
91
y
i
1n
6
o
2
40
d
z
0k
s
1
7
6s
u
a
ud
r
4t
0
e
r
q
3j
0
x
u
st
up
2
f
3
g
wi
0
k
0
3t
s
t
1
ea
j
0
2
po
7
v
r
qy
1
v
2
f
lh
m
n
f8
j
u
0
sj
8
y
1
b4
x
4
8e
2
0
j
tm
w
5
v
kv
s
t
5
0
d2
s
l
7
yq
z
y
q
3f
2
w
f
13
v
kv
o
h
d
n0
6
jx
p
9
l
pj
1
h
8
38
i
o
c
a
64
d5
7
n
1
ma
3
s
2
b
we
f
l
k
51
k
p
o
3t
p
w
c
km
x
e
1
0d
9
q
v
37
c
m
h
j0
t
g
f
p
0c
8
s
0
19
w
2
f
t1
c
7
g
n5v
t
1
0
m6
c
0
m
1y
w
y
1
x
z2
r
1
m
62
f
i
6
8f
i
x
3l
2
4
2
u
1l
u
79
1
v
0
m
wn
e
z
u
lt
y
v
a
l0
n
u
w
4d
g
c
o
6
ni
v
0
6
nz
p
h
q
5
0x
v
h
j
0m
i
p
l
zj
y
q
c
pw
6
1
r
a
tn
g
q
l
yw
p
d
p
1b
l
3
a
x
9r
e
7
p
yc
0
z
o
2r
m
d
n
7t
a
3
9
3
m7
b
1
6
24
z
f
k
jx
1
w
z
g
5y
0
8
jq
y
0
e
0
k9
n
f
t
ms
q
l
k
fu
1
r
i
rm
h
z
w
8
d6
z
i
0
28
s
o
6
4s
l
0q
z
0
f
ti
1
s
n
hq
x
v
a
n0
s
a
k
3
mu
6
g
e
ub
t
3
g
vb
5
n
q
dx
c
0
q
u
1b
3
6
3
w7
b
u
b
ej
2
3
p
8
1f
v
2
l
5r
h
4
2c
b
v
g
fd
s
2
k
h6
u
1
4
26
8
c
m
ey
22
3
l
8
o2
0
p
s
z1
y
c
3
23
r
9
y
af
s
0
e
g
rd
2
1
2
90
k
l
x
yv
b
k
4
0
tc0
x
t
2
se
b
o
w
0g
x
l
0
lt
k
8m
fg
0b
x
w
e
b
34
y
4
q
g4
1
v
3
jr
e
4
g
w9
f
b
1
0
lu
j
u
b
in
v
0
f
nz
1
q
u
np
3
k
f
1s
n
7
n
2
g2
e
p
0
og
6
9
2
6f
2
e
x
4s
m
i
k
7i
n
k
t
1
lh
b
c
e
ch
k
ex
1
3
e
m4
w
0
6
awq
j
l
0
9
0r
w
1
e
m4
k
b
k
x0
8
y
q
s4
6
3
a
i
yx
v
\
+
B
3
s
4p
2
k
wd
s
3
t1
2
s
yw
8
v
c
14
c
9
39
2
1a
4
r
z6
1
m
5k
o
2
a
1y
2
m6
5
o
m
e2q
1
2
c
sim
o
j
tl
p
h
39
y
9
5
ga
v
z
jk
8
2x3
k
p
g
1z
4
g
aq
n
3
m2
s1
d
4
84
qm
1
4
3
eb
q
d
u1
c
z
1
h3
t
j
lz
5
y
p
ws
d
v
f1
z
q
ic
f
z
xe
d
a
53
c
j
15t
f
s
m
vd
t
r
2b
8
c
6
9q
t
s
gh
8
j
39
l
h
7
uy
n
y
c5
g
i
14
f
9
h
wx
t
6
7a
l
3o
h
9
zg
v
7
5d6
5
0
7a
r
4
p
8a
s
v
b3
6
1
h
3v
q
2
ld
4
m
9m
v
2
ne
9
g
6
dk
x
g
59
j
1
iv
9
p
o
q4
3
w
7w
8
0
1v
p
6
w
95
3
z
lu
n
3
e
be
q6
n
x
1
i7
8
r1
3
k
z
px
1
2
om
9
m
x1
u
3p
y
9
y
gy
2
r
xb
2
5
k1
i
k
j
ow
p
w
4r
3
l
a
8z
x
8
01
t
3
m
l3
j
5
xw
5
z
k9
l
j
4
p2
c
b
7uy
x
5
r
6m
2
4
3d
e
n
f
c6
e
9
fl
t
5
2
ip
9k
i
y
67
4
h3
0
u
it
c
o
i1
r
9
f
r0
6
2
fs
z
q
n
5q
0
9
73
u
e
t
5l
t
e
bv
z
f
o
3t
n
h
q3
w
a
dm
g
6
t
06
e
l
i5
c
g
x
h1
d
r
2r
8
p
b
o9
1
p
6x
0
z
3u
r
3
s
4m
1
8
g1
v
1
dp
a
7f
d
h
4j
3
7
3l
n
y
o
ut
h
6
qy
r
g
0
co
6
a
z7
t
p
x
ub
h1
0
d
p
hq
3
s
ct
a
k
r
3v
h
2
i6
a
g
o4
p
b
5
38
l
4
3p
i
u
v
mj
h
v
1g
e
f
s
ou
j
x
fh
y
j
3k
5
c
2o
b
q
j
km
g
r
26
0
w
k
mp
q
o
dy
vt
2
8
h
s9
z
a
rz
b
e
7
l2
q
h
o6
q
t
4b
h
i
f
h1
w
g
xw
f
a
p
zqx
a
k
0
93
g
i
9j
u
o
683e
zu
2
t
b
2d
c
6
z2
g
t
x
09
m
0
1i
x
r
42
u
e
g4
3
r
f
bt
v
0
o3
a
o
m
iu
3
g
mk
p
8
u3
h
c
a
2b
j
8
g8
g
r
3u
q
n
ex
t
f
c8
q
j1
2
c
0
5d
k
s
vz7
s
l
0n
9
h
r
cd
7
j
4n
p
s
\
len 938 type v2-rsa

server sshd
subsystem sftp
#exit
subscriber default
exit
administrator admin encrypted password ***
aaa group default
#exit
gtpp group default
#exit
ip route 0.0.0.0 0.0.0.0 198.18.128.1 LOCAL1
#exit
port ethernet 1/1
no shutdown
bind interface LOCAL1 local
#exit
ntp
enable
server 198.18.128.1
#exit
traffic-steering
#exit
active-charging service ECS
ruledef 3G-ims-block
ip any-match = TRUE
#exit
ruledef freeaccess
ip any-match = TRUE
#exit
ruledef ip-any
ip any-match = TRUE
#exit
ruledef rda20
ip any-match = TRUE
#exit
urr-list urr_smf

40
Scenarios
Login to UPF

#exit
charging-action ca1
flow limit-for-bandwidth direction downlink peak-data-rate 4000000000 peak-burst-size
100 violate-action discard
flow limit-for-bandwidth direction uplink peak-data-rate 4000000000 peak-burst-size
100 violate-action discard
#exit
charging-action caonline
#exit
charging-action ip-any
content-id 10
#exit
rulebase RB1
dynamic-rule order first-if-tied
action priority 5 ruledef rda20 charging-action ca1 desc static
action priority 12 dynamic-only ruledef freeaccess charging-action caonline
action priority 14 dynamic-only ruledef 3G-ims-block charging-action ca1
#exit
rulebase default
#exit
rulebase internet
#exit
policy-control charging-rule-base-name active-charging-rulebase
firewall nat-alg ftp ipv4-and-ipv6
traffic-optimization-policy default
#exit
#exit
context up
bfd-protocol
slow-timers 1000
#exit
interface n3
ip address 10.192.5.20 255.255.255.224
#exit
interface n4
ip address 10.192.4.20 255.255.255.224
#exit
subscriber default
exit
aaa group default
#exit
gtpp group default
#exit
gtpu-service n3-upf-in
bind ipv4-address 10.192.5.20 bearer-type all
exit
gtpu-service n4u-upf
bind ipv4-address 10.192.4.20 bearer-type all
exit
sx-service sx-svc
instance-type userplane
bind ipv4-address 10.192.4.20
sx-protocol heartbeat interval 30
sx-protocol association reattempt-timeout 30

41
Scenarios
Login to UPF
exit
user-plane-service upf
associate gtpu-service n3-upf-in upf-ingress
associate gtpu-service n4u-upf cp-tunnel
associate sx-service sx-svc
associate fast-path service
associate control-plane-group cp-group-1
exit
ip igmp profile default
#exit
#exit
context ISP
interface sgi
ip address 10.192.6.20 255.255.255.224
#exit
subscriber default
exit
apn cisco.com
gtpp group group1
ip context-name ISP
active-charging rulebase internet
exit
apn starent.com
pdp-type ipv4 ipv6
ip context-name ISP
active-charging rulebase starent
exit
aaa group default
#exit
gtpp group default
gtpp egcdr service-data-flow threshold volume downlink 100000
gtpp egcdr service-data-flow threshold volume uplink 100000
#exit
gtpp group group1
gtpp egcdr service-data-flow threshold volume downlink 100000
gtpp egcdr service-data-flow threshold volume uplink 100000
#exit
ip igmp profile default
#exit
#exit
control-plane-group cp-group-1
peer-node-id ipv4-address 10.192.4.16 interface n4
#exit
user-plane-group default
sx-reassociation enabled
sx-pfd-push disabled
#exit
port ethernet 1/10
no shutdown
bind interface n4 up
#exit
port ethernet 1/11
no shutdown
bind interface n3 up
#exit
port ethernet 1/12
no shutdown
bind interface sgi ISP
#exit
end
Step 5 Enter the following command to check the services.

42
Scenarios
Login to UPF
[local]UPF-1# show service all

ContextID ServiceID ContextName ServiceName State MaxSessions Type
--------- --------- ----------- ----------- ---------- ----------- ----
2 1 up n3-upf-in Started 0 gtpu
2 2 up n4u-upf Started 0 gtpu
2 3 up sx-svc Started 0 sx
2 4 up upf Started 460000 user-plane
[local]UPF-1#
Step 6 Check the cloud configuration. VPP is enabled for fastpath.
[local]UPF-1# show cloud configuration

Card 1:
Config Disk Params:
-------------------------
No config disk available
Local Params:
-------------------------
FORWARDER_TYPE=vpp
Step 7 Verify the Sx peers. Peer-id should be non-zero and IP chunks should be available on UPF.
[local]UPF-1# show sx peers wide

+---Node Type: (C) - CPLANE (U) - UPLANE
|
|+--Peer Mode: (A) - Active (S) - Standby
|
||+-Association (i) - Idle (I) - Initiated
||| State: (A) - Associated (R) - Releasing
||| (X) - Released
|||
|||+Configuration (C) - Configured (N) - Not Configured (X) - Not Applicable
||||State:
||||
||||+IP Pool: (E) - Enable (D) - Disable (N) - Not Applicable
|||||
|||||+Push Config Status: (C) - Push Complete (P) - Push in Progress (X) - Not Applicable
|||||| (E) - Push Error
||||||
||||||+Monitor State: (U) - UP (D) - DOWN (N) - Not Applicable
|||||||
||||||| ID
Restart
||||||| | Recovery
| Current Max Peer Config Auto-Config Config Push Config
Push
vvvvvvv v Group Name Node ID Peer ID Timestamp
v Sessions Session State Failures Success Start Time End Time
------ ---- -------------------- ------------------------------ ---------- -------------------
---- --------- -------- ------- ------- --------- ------------------- -------------------
CAAXDXN 3 cp-group-1 10.192.4.16 33554433
2021-04-11:07:27:30 0 0 0 NONE 0 0 NA
NA
Total Peers: 1

43
Scenarios
5G Call Simulation
Note If the Sx peer is not up, perform the below steps on the UPF-1 session:
[local]UPF-1# conf
[local]UPF-1(config)# context up
[up]UPF-1(config-ctx)# user-plane-service upf
[up]UPF-1(config-user-plane-service)# no associate control-plane-group cp-group-1
[up]UPF-1(config-user-plane-service)# associate control-plane-group cp-group-1
[up]UPF-1(config-user-plane-service)# end
Step 8 Enter the following command to verify the IP chunks.
[local]UPF-1# context ISP

[ISP]UPF-1# show ip chunks
=======================================================================================================
Peer Address: 10.192.4.16
=======================================================================================================
|----------|------------|--------------------------------|---------------|---------------|------------|
| chunk-id | chunk-size | vrf-name | start-addr | end-addr |
used-addrs |
|----------|------------|--------------------------------|---------------|---------------|------------|
| 1048577| 256| | 11.11.1.0| 11.11.1.255|
0|
|----------|------------|--------------------------------|---------------|---------------|------------|
[ISP]UPF-1# show ipv6 chunks
==============================================================================================================================
Peer Address: 10.192.4.16
==============================================================================================================================
|----------|------------|--------------------------------|-------------------------|-------------------------|---------------|
| chunk-id | chunk-size | vrf-name | start-prefix |
end-prefix | used-prefixes |
|----------|------------|--------------------------------|-------------------------|-------------------------|---------------|
|2149580801| 256| | 2001:4870:e00b:1700::|
2001:4870:e00b:17ff::| 0|
|----------|------------|--------------------------------|-------------------------|-------------------------|---------------|
5G Call Simulation
Value Proposition: Lattice is a tool used to simulate UE, gNB, AUSF, UDM, PCF and CHF to test end-to-end
5G calls. WE shall setup, initiate, and verify a 5G call in this scenario.
5G Call Setup
To setup the 5G call:

44
Scenarios
5G Call Setup
Procedure
Step 1 On the remote desktop, launch the lattice PuTTY session. If you are prompted to login, enter Username root,
password Cisco@123.
Step 2 Open seven additional lattice sessions, for a total of eight (this is so you can see all transactions). Then run
the commands shown below for each terminal. Keep monitoring the NRF (1st terminal) to see registration
for the other NFs.
1st terminal (NRF)
Note You can ignore the below output while executing commands on lattice for the 1st terminal (NRF).
An example follows:
root@lattice:~/lattice_77986# ./lattice --traf-bridge-ip 127.0.0.1 --cli-bridge-port 12602 &
[2] 1605
root@lattice:~/lattice_77986# TcpSocket::bind(): bind system call failed: Address already in use
Step 3 Enter the following command to change to the lattice 77986 directory.
root@lattice:~# cd lattice_77986/
root@lattice:~/lattice_77986#
Step 4 Enter the following commands one by one at the root@lattice:~/lattice_77986# prompt.
root@lattice:~/lattice_77986# pkill lattice

root@lattice:~/lattice_77986# ./lattice --traf-bridge-ip 127.0.0.1 --cli-bridge-port 12601
&
&
&
&
&
&
&
&
root@lattice:~/lattice_77986# ./cli -p 12601 -f /root/configs/nrf.cfg
[lattice]>
2nd terminal (AUSF)
root@lattice:~/lattice_77986# ./cli -p 12602 -f /root/configs/ausf.cfg
[lattice]>
3rd terminal (UDM-AM)
root@lattice:~/lattice_77986# ./cli -p 12603 -f /root/configs/udm-am.cfg
[lattice]>

45
Scenarios
Monitor Subscriber
4th terminal (UDM-SM)
root@lattice:~/lattice_77986# ./cli -p 12604 -f /root/configs/udm-sm.cfg
[lattice]>
5th terminal (PCF-SM)
root@lattice:~/lattice_77986# ./cli -p 12605 -f /root/configs/pcf-sm.cfg
[lattice]>
6th terminal (PCF-AM)
root@lattice:~/lattice_77986# ./cli -p 12606 -f /root/configs/pcf-am.cfg
[lattice]>
7th terminal (CHF)
root@lattice:~/lattice_77986# ./cli -p 12607 -f /root/configs/chf.cfg
[lattice]>
Monitor Subscriber
Before starting the call, we will first initiate the monitor subscriber function on AMF and SMF, and then
initiate the monitor protocol function on the UPF.
Procedure
Step 1 On the remote desktop, launch PuTTY to start two K8s Master sessions (username cloud-user, password
Cisco@123), and one UPF-1 session (username admin, password Cisco@123).
Step 2 On the first K8s Master session, enter the following commands to login to AMF.
cloud-user@5g-master-1:~$ ssh -p 2024 admin@10.97.66.34 -o ServerAliveInterval=60

[5g/amf] amf#
Step 3 On the second K8s Master session, enter the following commands to login to SMF.

[5g/smf] smf#

46
Scenarios
Monitor Subscriber
Step 4 On the AMF and SMF sessions, enter the following command.
monitor subscriber supi imsi-* capture-duration 10000
Step 5 On the UPF-1 session enter the monitor protocol command and press Enter.
[local]UPF-1# monitor protocol

MONITOR GLOBAL PROTOCOLS:
11 - SNMP 21 - L2TP (Admin only)
12 - RADIUS Authentication (Admin only) 22 - L2TPMGR (Admin only)
13 - RADIUS Accounting (Admin only) 23 - L2TP Data (Admin only)
14 - A11 (R-P Interface) (Admin only) 24 - GTPC (Admin only)
15 - Mobile IPv4 (Admin only) 25 - TACACS (Admin only)
16 - A11MGR (Admin only) 26 - GTPU (Admin only)
17 - PPP (Admin only) 27 - GTPP (Admin only)
18 - A10 (Admin only) 28 - DHCP (Admin only)
19 - User L3 (Admin only) 29 - CDR (Admin only)
20 - USERTCP STACK (Admin only) 30 - DHCPV6 (Admin only)
31 - RADIUS COA (Admin only) 51 - SCTP (Admin only)
32 - MIP Tunnel (Admin only) 52 - M3UA (Admin only)
33 - L3 Tunnel (Admin only) 53 - SCCP (Admin only)
34 - CSS Data (Admin only) 54 - TCAP (Admin only)
35 - CSS Signaling (Admin only) 55 - MAP (Admin only)
36 - EC Diameter (Admin only) 56 - RANAP (Admin only)
37 - SIP (IMS) (Admin only) 57 - GMM (Admin only)
38 - IPSec IKE Inter-Node (Admin only) 58 - GPRS-NS (Admin only)
39 - LMISF (Admin only) 59 - BSSGP (Admin only)
40 - IPSec IKE Subscriber (Admin only) 60 - CAP (Admin only)
41 - IPSG RADIUS Signal (Admin only) 61 - SSCOP (Admin only)
42 - ROHC (Admin only) 62 - SSCFNNI (Admin only)
43 - WiMAX R6 (Admin only) 63 - MTP3 (Admin only)
44 - WiMAX Data (Admin only) 64 - LLC (Admin only)
45 - SRP (Admin only) 65 - SNDCP (Admin only)
46 - BCMCS SERV AUTH (Admin only) 66 - BSSAP+ (Admin only)
47 - RSVP (Admin only) 67 - SMS (Admin only)
68 - OpenFlow (Admin only)
48 - Mobile IPv6 (Admin only) 69 - X2-AP (Admin only)
49 - PFCP (Admin only)
50 - STUN (Admin only) 70 - DNS Client (Admin only)
71 - MTP2 (Admin only) 76 - NSH (Admin only)
72 - HNBAP (Admin only) 77 - ICAP/UIDH (Admin only)
73 - RUA (Admin only) 78 - Micro-Tunnel (Admin only)
74 - EGTPC (Admin only) 79 - ALCAP (Admin only)
75 - App Specific Diameter (Admin only) 80 - SSL (Admin only)
81 - S1-AP (Admin only) 82 - NAS (Admin only)
83 - LDAP (Admin only) 84 - SGS (Admin only)
85 - AAL2 (Admin only) 86 - S102 (Admin only)
87 - PPPOE (Admin only)
88 - RTP(IMS) (Admin only) 89 - RTCP(IMS) (Admin only)
90 - LMI (Admin only) 91 - NPDB(IMS) (Admin only)
92 - SABP (Admin only) 93 - OCSP (Admin only)
94 - SLS (Admin only) 96 - SBc-AP (Admin only)
97 - M3AP (Admin only)
(B)egin Protocol Decoding, (Q)uit, <ESC> Prev Menu
Select:
Step 6 In the Select field, enter 49 for PFCP. Note that the second number (9) will not display as you type it. After
you enter the value, your selection will be highlighted in the menu with a >. For example, > 49 – PFCP. Do
not press Enter.

47
Scenarios
Start the 5G Call (8th Lattice Terminal Session – UE and gNB)
Step 7 In the Select field, now enter 26 for GTPU. Note that the second number (6) will not display as you type it.
After you enter the value, your selection will be highlighted in the menu with a >. For example, > 26 – GTPU.
Do not press Enter.
Step 8 Enter B to begin the protocol decoding. Then type Y to confirm.
Step 9 Type ++++ (four plus signs) and press Enter.
Start the 5G Call (8th Lattice Terminal Session – UE and gNB)

Procedure
Go back to lattice on your 8th terminal session and enter the following commands:
root@lattice:~/lattice_77986# ./cli -p 12608 -f /root/configs/ue-gnb.cfg
[lattice]> 2021-04-14 04:12:35.765 [sctp debug] [Sctp.cpp:374] Added IP 10.192.4.11 port
1000 to SockMap
2021-04-14 04:12:35.768 [sctp debug] [Sctp.cpp:119] sctp connection up: local EP =
10.192.4.2[port:25], remote EP = 10.192.4.11[port:1000]
2021-04-14 04:12:35.769 [ngap debug] [NgapFsm.cpp:222] Sending NG Setup Request
2021-04-14 04:12:35.801 [ngap debug] [NgapFsm.cpp:896] Received NG Setup Response from AMF
[lattice]> start call-model m4
Note You can use call-model m6 for ipv6 PDU sessions and m46 for ipv4v6 PDU sessions.
5G Call Verification
To verify the 5G call:
Procedure
Step 1 On the remote desktop, launch PuTTY and start two additional K8s Master sessions (username cloud-user,
password Cisco@123).
Step 2 On the first additional K8s Master session, enter the following commands to login to AMF.

[5g/amf] amf#
Step 3 On the second additional K8s Master session, enter the following commands to login to SMF.


48
Scenarios

[5g/smf] smf#
Step 4 Run the commands shown below on the additional SMF and AMF sessions. The sequence of parameters
shown in the output may vary each time you run this command.
On the SMF session:
[5g/smf] smf# show sub all

subscriber-details
{
"records": [
{
"keys": [
"ipv4-addr:poolv4/11.11.1.1",
"upf:10.192.4.20",
"access:3gpp access",
"chfGroupId:CHF-dnn=cisco.com;",
"amf:10.192.4.10",
"ipv4-pool:poolv4",
"policy:2",
"dnn:cisco.com",
"ipv4-range:poolv4/11.11.1.1",
"connectivity:5g",
"upfEpKey:10.192.4.20:10.192.4.16",
"pcf:10.192.4.9",
"rat:nr",
"udm:10.192.4.8",
"chf:10.192.4.7",
"supi:imsi-125225789020845",
"ipv4-startrange:poolv4/11.11.1.1",
"pcfGroupId:PCF-targetPlmn=[{\"mcc\":\"125\",\"mnc\":\"225\"}];"
]
}
]
}
On the AMF session:
[5g/amf] amf# show sub all

subscriber-details
{
"subResponses": [
[
"ngapId:16777217",
"guti:12522501008301000001",
"stmsi:008301000001",
"supi:125225789020845"
]
]
}
Step 5 On the remote desktop, launch PuTTY and open a new UPF-1 session (username admin, password
Cisco@123).
Step 6 On the new UPF-1 session, enter the following command to check the subscribers’ statistics.
[local]UPF-1# show subscribers user-plane-only full al | more

Local SEID : [0x0018000000000000] 6755399441055744

49
Scenarios
Remote SEID : [0x01000001c056a07f] 72057601559797887

State : Connected
Connect Time : Wed Apr 14 00:12:46 2021
Idle time : 00h02m25s
Access Type: uplane-ipv4 Network Type: IP
user-plane-service-name: upf
Callid: 017dc661
Rulebase: internet
Interface Type: N4
eMPS Session: No
eMPS Session Priority: 0
Card/Cpu: 1/0 Sessmgr Instance: 6
IP address: 11.11.1.1
Next Hop Ip Address:
Source context: up Destination context: ISP
PDN-Instance: cisco.com
~snip~
Note Refer to Appendix B for additional SMF, CEE, and UPF CLI commands.

50
CHAPTER 3
Appendix
• Appendix A. Failure Recovery Procedure, on page 51
• Appendix B. CLI Reference, on page 53
Appendix A. Failure Recovery Procedure

1. In this example, a few AMF pods are in the CrashLoopBackOff state.
cloud-user@5g-master-1:~$ kubectl get pods -A -o wide | grep CrashLoopBackOff

amf-amf amf-amf-amf-protocol-ep-df7f4768f-dk7lh 0/1
CrashLoopBackOff 59 5d12h 28.0.19.29 5g-worker-3 <none>
<none>
amf-amf amf-amf-amf-rest-ep-0 0/1
CrashLoopBackOff 56 5d12h 28.0.19.11 5g-worker-3 <none>
<none>
amf-amf amf-amf-amf-service-0 0/1
CrashLoopBackOff 58 5h34m 28.0.189.164 5g-worker-1 <none>
<none>
amf-amf oam-pod-0 0/1
CrashLoopBackOff 61 5h34m 28.0.189.172 5g-worker-1 <none>
<none>
2. Login to the Ops-center of CNF for which pods are in CrashLoopBackOff. In this case, it’s AMF.
cloud-user@5g-master-1:~$ kubectl get svc -n amf-amf | grep 2024

8008/TCP,8080/TCP,2024/TCP,2022/TCP,7681/TCP 9d
ops-center-amf-amf-ops-center-698d7f7c59-4nrck
[5g/amf] amf#
3. Perform a system mode shutdown. Wait until you see the message System is current running at 100.00.
[5g/amf] amf# conf

Entering configuration mode terminal
[5g/amf] amf(config)# system mode shutdown
[5g/amf] amf(config)# commit
Commit complete.

51
Appendix
Appendix A. Failure Recovery Procedure
[5g/amf] amf(config)#
Message from confd-api-manager at 2021-04-21 05:24:47...
Helm update is STARTING. Trigger for update is SHUTDOWN.
System is current running at 91.29
Helm update is SUCCESS. Trigger for update is SHUTDOWN.
4. Perform a system mode running operation. Wait until you see the message System is current running
at 100.00.
[5g/amf] amf(config)# system mode running

[5g/amf] amf(config)# commit
Commit complete.
Helm update is STARTING. Trigger for update is CHANGE.
Helm update is SUCCESS. Trigger for update is CHANGE.
Pods will be re-deployed and the system will be in a healthy state.

52
Appendix
Appendix B. CLI Reference
Appendix B. CLI Reference

This Appendix contains various SMF, CEE UPF CLI commands for your reference and use.
SMF CLI Commands

NRF registration details
show nrf registration-info

show nrf subscription-info
Session details
show sub all

show subscriber supi imsi-125225789020845 // SM Policy and QOS
show subscriber count all
show subscriber dnn cisco.com
show subscriber amf 10.192.4.10
show subscriber pcf <pcf_ip>
show subscriber udm <udm_ip>
show subscriber chf <chf_ip>
show subscriber rat nr
Resources
show resources info

show endpoint info
show system status
Version
show helm
Peer NF
show peers
Session Distribution
show sessions affinity
Pool and N4 Peer Details
show subscriber ipv4-pool poolv4

show ipam dp
CEE CLI Commands

Kubectl Logs
cluster logs "(smf-service.|smf-rest.|smf-nodemgr.|smf-protocol.|gtpc-ep.|udp-proxy.)" -n

smf-smf -e | more
cluster logs "(amf-service.|amf-rest.|amf-protocol.|amf-sctp.)" -n amf-amf -e | more

53
Appendix
UPF CLI Commands
Kubectl Get Output
show cluster services smf-smf

show cluster pods smf-smf
show cluster services amf-amf
show cluster pods amf-amf
show cluster nodes
show cluster ingresses
show cluster namespaces
Alerts and Bulk Statistics
show alerts active summary

show bulk-stats current
UPF CLI Commands

Sx Association
show sx peers wide

show sx-service statistics all
IP Chunks Verification
context ISP
show ipv6 chunks
show ipv6 routes
[ISP]UPF-1# show ipv6 route | grep 2001:4870:e00b:1700
*2001:4870:e00b:1700::/56 :: connected
0 0
Session Verification
show sub full imsi 125225789020845 | grep callid

show sub user-plane-only full callid/seid
Mon pro: Sx 49, GTPU 26
Mon sub using IMSI/callid/ipaddr
ECS Config
show user-plane-service rulebase all

show user-plane-service ruledef all
show user-plane-service pdn-instance all
User-plane Statistics
show user-plane-service statistics all

show user-plane-service statistics rulebase all
show user-plane-service statistics analyzer all
Fastpath Statistics
show user-plane-service statistics fapi sessmgr 1
Policy and Charging Statistics
show subscribers user-plane-only callid <callid> pdr full all

show subscribers user-plane-only callid <callid> urr full all

54
Appendix
UPF CLI Commands
show subscribers user-plane-only callid <callid> far full all

show subscribers user-plane-only callid <callid> qer full all
show subscribers user-plane-only callid <callid> bli full all
show subscribers user-plane-only callid <callid> flows full

55
Appendix
UPF CLI Commands

56
CHAPTER 4
What’s Next?
Check out related technology on Cisco dCloud.

57
What’s Next?

58

B Ultra Cloud Core CNDP Smi 5g Lab v1

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

B Ultra Cloud Core CNDP Smi 5g Lab v1

Uploaded by

Copyright:

Available Formats

Cisco Ultra Cloud Core CNDP SMI 5G v1

First Published: 2021-06-04

Verify CNDP Cluster Manager 7

Cisco Ultra Cloud Core CNDP SMI 5G v1

Appendix A. Failure Recovery Procedure 51

CHAPTER 4 What’s Next? 57

Cisco Ultra Cloud Core CNDP SMI 5G v1

About This Lab

Laptop with Cisco AnyConnect®

About this Solution

Cisco Ultra Cloud Core CNDP SMI 5G v1

Cisco Ultra Cloud Core CNDP SMI 5G v1

Cisco Ultra Cloud Core CNDP SMI 5G v1

Host Name IP Address Username Password

Compute2 VMware ESXi Compute2d.emod.cloudc.iscoc.om 198.18.134.42 root C1sco12345

Compute3 VMware ESXi Compute3d.emod.cloudc.iscoc.om 198.18.134.43 root C1sco12345

Compute4 VMware ESXi Compute4d.emod.cloudc.iscoc.om 198.18.134.44 root C1sco12345

Compute5 VMware ESXi Compute5d.emod.cloudc.iscoc.om 198.18.134.45 root C1sco12345

Compute6 VMware ESXi Compute6d.emod.cloudc.iscoc.om 198.18.134.46 root C1sco12345

Compute7 VMware ESXi Compute7d.emod.cloudc.iscoc.om 198.18.134.47 root C1sco12345

Compute8 VMware ESXi Compute8d.emod.cloudc.iscoc.om 198.18.134.48 root C1sco12345

Esxi1 VMware ESXi Esxi1.demo.dcloud.cisco.com 198.18.134.27 root C1sco12345

Esxi2 VMware ESXi Esxi2.demo.dcloud.cisco.com 198.18.134.28 root C1sco12345

SMI Components Details

SMI CM VIP CNDP Cluster 198.18.134.12 cloud-user Cisco@123

Smi-cluster-cm-active CNDP Cluster 198.18.134.10 cloud-user Cisco@123

Smi-cluster-cm-standby CNDP Cluster 198.18.134.11 cloud-user Cisco@123

Master VIP K8s Master VIP 198.18.134.30 cloud-user Cisco@123

5g-master-1 K8s Master-1 198.18.134.31 cloud-user Cisco@123

Cisco Ultra Cloud Core CNDP SMI 5G v1

Name Description IP Address Username Password

5g-master-3 K8s Master-1 198.18.134.33 cloud-user Cisco@123

5g-worker-1 K8s Worker-1 198.18.134.34 cloud-user Cisco@123

5g-worker-2 K8s Worker-2 198.18.134.35 cloud-user Cisco@123

5g-worker-3 K8s Worker-3 198.18.134.36 cloud-user Cisco@123

5g-worker-4 K8s Worker-4 198.18.134.37 cloud-user Cisco@123

UPF-1 UPF VNF 198.18.134.40 admin Cisco@123

Lattice Call Simulator 198.18.134.26 root Cisco@123

NSO Cisco NFV-O 198.18.134.29 root Cisco@123

Before You Present

PREPARATION IS KEY TO A SUCCESSFUL PRESENTATION.

Cisco Ultra Cloud Core CNDP SMI 5G v1

Step 1 Initiate your dCloud session. [Show Me How]

Cisco Ultra Cloud Core CNDP SMI 5G v1

Verify CNDP Cluster Manager

Step 1 On the remote desktop, launch PuTTY.

cloud-user@smi-cluster-cm-active:~$ kubectl get nodes

cloud-user@smi-cluster-cm-active:~$ kubectl get ns

Cisco Ultra Cloud Core CNDP SMI 5G v1

kube-system Active 7d13h

cloud-user@smi-cluster-cm-active:~$ kubectl get pods -n smi-cm

cloud-user@smi-cluster-cm-active:~$ kubectl get svc -n smi-cm

cloud-user@smi-cluster-cm-active:~$ ssh -p 2024 admin@10.102.132.151

Cisco Ultra Cloud Core CNDP SMI 5G v1

node-defaults os ntp servers 198.18.128.1

Cisco Ultra Cloud Core CNDP SMI 5G v1

k8s ssh-ip 198.18.134.31

Cisco Ultra Cloud Core CNDP SMI 5G v1

vmware sizing disk-home-gb 20

Cisco Ultra Cloud Core CNDP SMI 5G v1

k8s node-labels smi.cisco.com/node-type session

Cisco Ultra Cloud Core CNDP SMI 5G v1

initial-boot-parameters auto-deploy false